Rundll32.exe virus



#1
Derobmai41

AVG Internet Security keeps coming up with rundll32.exe virus. It's been a few times it's found it and quarantined it, but it seems to always come back. System Restore does not work (will not open); it keeps saying it's not on, and when I go to Properties from the My Computer drop-down menu, System Restore is not listed like it should be. I also had a Google redirect for a while on the computer, but I have managed to minimize it a lot, so that's the least of my worries for now.

***Be advised: local drive is E, as I replaced the hard drive but had both hooked up when I formatted the new one, so the new one got labeled E***


OTL logfile created on: 11/5/2011 6:07:32 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\Documents and Settings\Dad\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 59.62% Memory free
3.72 Gb Paging File | 3.10 Gb Available in Paging File | 83.36% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 51.39 Gb Total Space | 19.44 Gb Free Space | 37.82% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 6.00 Gb Free Space | 6.14% Space Free | Partition Type: NTFS
Drive G: | 1.88 Gb Total Space | 0.01 Gb Free Space | 0.77% Space Free | Partition Type: FAT

Computer Name: HOME | User Name: Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/05 17:59:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Dad\My Documents\Downloads\OTL.exe
PRC - [2011/10/24 15:00:22 | 002,078,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011/10/08 10:11:54 | 000,924,632 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/24 11:38:58 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/10/23 09:40:40 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/10/23 09:40:40 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/10/23 09:40:38 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/10/23 09:40:37 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/23 09:40:37 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/23 09:40:35 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/10/23 09:40:35 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/10/23 09:40:34 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Program Files\AVG\AVG9\avgam.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/08 10:11:54 | 001,833,944 | ---- | M] () -- E:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/25 18:55:52 | 006,271,136 | ---- | M] () -- E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/10/22 14:23:17 | 000,077,824 | ---- | M] () -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\boost_log-vc71-mt-1_32.dll
MOD - [2010/10/22 14:23:17 | 000,057,344 | ---- | M] () -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\boost_thread-vc71-mt-1_32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Roxio UPnP Renderer 11)
SRV - [2011/09/02 09:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Disabled | Stopped] -- E:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/23 09:40:38 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/10/23 09:40:37 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/23 09:40:35 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/09/13 13:02:00 | 000,039,408 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/07/16 06:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- E:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 06:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- E:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) [Disabled | Stopped] -- E:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/06/02 19:05:58 | 000,457,200 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- E:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- E:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- E:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Disabled | Stopped] -- E:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/09/13 15:48:06 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- E:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/08/17 17:56:13 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/07/21 14:59:08 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/05/05 15:27:26 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- E:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/10/23 09:40:37 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/10/23 09:40:37 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/10/23 09:40:37 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- E:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/10/23 09:40:37 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/10/23 09:40:35 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- E:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/10/23 09:40:34 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- E:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/10/22 14:42:13 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/10/22 14:42:13 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/10/22 14:41:58 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/10/22 14:41:46 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2010/08/30 18:08:36 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2009/10/20 03:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- E:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/10/20 03:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2009/06/02 01:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 01:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 01:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2008/09/07 23:05:10 | 000,874,240 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/07/31 23:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/31 23:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/02/14 02:12:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007/08/30 08:00:00 | 000,244,608 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\c2scsi.sys -- (c2scsi)
DRV - [2007/04/09 10:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 10:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 10:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/07/28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/08/12 04:00:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/24 14:02:58 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/09/24 14:02:58 | 000,146,560 | ---- | M] (Roxio) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2003/09/24 14:02:56 | 000,260,224 | ---- | M] (Roxio) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/09/24 14:02:56 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/09/24 14:02:56 | 000,022,777 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- E:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/09/24 14:02:56 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80126
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E2 53 8B 73 BD 99 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B9 03 11 02 70 94 8B 45 9D 57 66 C8 7A 28 F3 29 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62020

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.6102
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..keyword.URL: "http://dts.search-re...&systemid=1&q="
FF - prefs.js..keyword.defaultURL: "http://www.crawler.c...bid=60194&qkw="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 62020
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: E:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: E:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: E:\Documents and Settings\Dad\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2EB67873-6E82-4E77-93A0-14AD44ED788A}: E:\Documents and Settings\Dad\Local Settings\Application Data\{2EB67873-6E82-4E77-93A0-14AD44ED788A} [2011/06/21 22:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2011/10/08 10:11:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2011/04/08 18:12:35 | 000,000,000 | ---D | M]

[2009/04/07 20:12:03 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Extensions
[2009/04/07 20:12:03 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Extensions\[email protected]
[2011/10/12 17:02:17 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions
[2010/10/23 19:23:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/10/22 19:35:56 | 000,000,000 | ---D | M] (XUL Cache) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{8c0957e4-7ebf-42bf-b156-fa52cb9ee903}
[2009/05/27 16:31:35 | 000,004,207 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\aim-search.xml
[2011/07/20 15:16:32 | 000,002,568 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\askcom.xml
[2010/01/16 12:57:30 | 000,002,163 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\bing.xml
[2011/07/17 14:45:06 | 000,002,497 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\SearchResults.xml
[2011/08/18 11:25:36 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
() (No name found) -- E:\DOCUMENTS AND SETTINGS\DAD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JEYPK6S1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/06/21 22:19:32 | 000,000,000 | ---D | M] (XULRunner) -- E:\DOCUMENTS AND SETTINGS\DAD\LOCAL SETTINGS\APPLICATION DATA\{2EB67873-6E82-4E77-93A0-14AD44ED788A}
[2009/04/06 18:48:05 | 000,000,000 | ---D | M] (Java Quick Starter) -- E:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/08 10:11:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- E:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/10/08 10:11:53 | 000,002,252 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\bing.xml
[2007/07/26 12:05:16 | 000,001,329 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011/07/17 14:45:06 | 000,002,497 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

========== Chrome ==========


O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Reg Error: Value error.) - {021103B9-9470-458B-9D57-66C87A28F329} - E:\Documents and Settings\Dad\Local Settings\Application Data\ServiceWin32.dll File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - E:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] E:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1238811694703 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.co...?BundleId=29223 (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.2 167.206.254.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86FA2118-250F-4947-AB4E-34FEA40296C5}: DhcpNameServer = 167.206.254.2 167.206.254.1
O20 - AppInit_DLLs: (E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\WINDOWS\system32\userinit.exe) -E:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - E:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: E:\Documents and Settings\Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - E:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - E:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) -E:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/03 21:19:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/02 22:29:56 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\Dad\Recent
[1 E:\Documents and Settings\Dad\*.tmp files -> E:\Documents and Settings\Dad\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/05 18:06:18 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2011/11/05 17:56:19 | 008,405,015 | ---- | M] () -- E:\WINDOWS\TempFile
[2011/11/05 17:56:06 | 000,194,318 | ---- | M] () -- E:\WINDOWS\System32\nvapps.xml
[2011/11/05 17:56:02 | 000,000,486 | ---- | M] () -- E:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/11/05 17:56:02 | 000,000,298 | -HS- | M] () -- E:\WINDOWS\tasks\ytortd.job
[2011/11/05 17:56:01 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2011/11/05 09:26:18 | 088,595,362 | ---- | M] () -- E:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/11/02 22:24:57 | 000,183,808 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/02 21:56:16 | 000,009,851 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\2189001j.htm
[2011/11/02 21:54:45 | 000,010,271 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\2189001a.htm
[2011/11/02 21:54:10 | 000,010,272 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\2189001.htm
[2011/11/02 20:56:44 | 000,209,350 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Good Carbs List of Carbohydrates in Food.mht
[2011/11/02 20:55:49 | 000,251,796 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Refined Bad Carb Sweet Sugar Death.mht
[2011/11/02 20:52:38 | 000,296,966 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Complex Carbohydrates List of Healthy Carbs.mht
[2011/11/02 20:48:16 | 000,400,010 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Foods That Lower Blood Sugar eHow_com.mht
[2011/10/30 15:49:12 | 000,242,624 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Seasonal-Buying.pdf
[2011/10/23 13:35:38 | 000,000,064 | ---- | M] () -- E:\WINDOWS\System32\rp_stats.dat
[2011/10/23 13:35:38 | 000,000,044 | ---- | M] () -- E:\WINDOWS\System32\rp_rules.dat
[2011/10/23 13:35:09 | 000,000,797 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/10/22 15:29:07 | 000,000,284 | ---- | M] () -- E:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/20 17:17:02 | 000,000,004 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\dfa85bc2
[2011/10/20 17:15:29 | 000,000,004 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\3f75a43d
[2011/10/20 17:10:39 | 000,000,000 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\28d02c38
[2011/10/19 17:57:05 | 000,000,004 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\57d054c2
[2011/10/14 16:46:45 | 000,233,301 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\census.cache
[2011/10/14 16:46:32 | 000,236,732 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\ars.cache
[2011/10/14 16:41:14 | 000,000,036 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\housecall.guid.cache
[2011/10/13 18:38:13 | 000,317,952 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/13 18:34:26 | 000,527,044 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2011/10/13 18:34:26 | 000,096,392 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2011/10/13 18:30:45 | 000,001,393 | ---- | M] () -- E:\WINDOWS\imsins.BAK
[1 E:\Documents and Settings\Dad\*.tmp files -> E:\Documents and Settings\Dad\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/02 21:56:15 | 000,009,851 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\2189001j.htm
[2011/11/02 21:54:45 | 000,010,271 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\2189001a.htm
[2011/11/02 21:54:07 | 000,010,272 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\2189001.htm
[2011/11/02 20:56:44 | 000,209,350 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Good Carbs List of Carbohydrates in Food.mht
[2011/11/02 20:55:48 | 000,251,796 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Refined Bad Carb Sweet Sugar Death.mht
[2011/11/02 20:52:38 | 000,296,966 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Complex Carbohydrates List of Healthy Carbs.mht
[2011/11/02 20:48:15 | 000,400,010 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Foods That Lower Blood Sugar eHow_com.mht
[2011/11/01 20:16:09 | 000,000,298 | -HS- | C] () -- E:\WINDOWS\tasks\ytortd.job
[2011/10/30 15:49:12 | 000,242,624 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Seasonal-Buying.pdf
[2011/10/23 13:35:38 | 000,000,064 | ---- | C] () -- E:\WINDOWS\System32\rp_stats.dat
[2011/10/23 13:35:38 | 000,000,044 | ---- | C] () -- E:\WINDOWS\System32\rp_rules.dat
[2011/10/19 17:57:05 | 000,000,004 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\57d054c2
[2011/10/14 16:46:45 | 000,233,301 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\census.cache
[2011/10/14 16:46:32 | 000,236,732 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\ars.cache
[2011/10/14 16:41:14 | 000,000,036 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\housecall.guid.cache
[2011/10/12 17:09:31 | 000,000,000 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\28d02c38
[2011/10/12 17:09:22 | 000,000,004 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\3f75a43d
[2011/10/12 17:02:22 | 000,000,004 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\dfa85bc2
[2011/08/17 20:09:52 | 000,016,432 | ---- | C] () -- E:\WINDOWS\System32\lsdelete.exe
[2011/06/21 22:19:33 | 000,000,120 | ---- | C] () -- E:\WINDOWS\Srizuresi.dat
[2011/06/21 22:19:33 | 000,000,000 | ---- | C] () -- E:\WINDOWS\Fveruteroyowuya.bin
[2011/03/27 11:37:56 | 000,000,253 | ---- | C] () -- E:\WINDOWS\WININIT.INI
[2011/03/23 19:54:38 | 000,000,350 | ---- | C] () -- E:\WINDOWS\SIERRA.INI
[2010/12/17 14:49:18 | 000,000,004 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\B0282C
[2010/12/17 14:49:17 | 000,870,128 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\mcs.rma
[2010/11/21 16:32:28 | 000,000,600 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\PUTTY.RND
[2010/09/27 19:36:40 | 000,002,672 | ---- | C] () -- E:\WINDOWS\System32\KGyGaAvL.sys
[2010/09/27 19:36:40 | 000,000,008 | ---- | C] () -- E:\WINDOWS\System32\13142D8800.sys
[2010/09/27 19:35:41 | 001,300,048 | ---- | C] () -- E:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2010/09/20 16:11:16 | 000,000,162 | ---- | C] () -- E:\WINDOWS\kodakpcd.Dad.ini
[2010/09/03 20:26:05 | 000,688,328 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/30 18:08:36 | 000,000,383 | ---- | C] () -- E:\WINDOWS\System32\haspdos.sys
[2010/02/26 22:17:11 | 000,001,324 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat
[2010/01/02 10:29:42 | 000,004,216 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\rx_audio.Cache
[2009/12/20 12:50:06 | 000,067,628 | ---- | C] () -- E:\WINDOWS\System32\mlfcache.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- E:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- E:\WINDOWS\System32\OGAEXEC.exe
[2009/07/12 06:59:03 | 000,000,029 | ---- | C] () -- E:\WINDOWS\Epsonpl.ini
[2009/07/01 20:49:53 | 000,000,196 | ---- | C] () -- E:\WINDOWS\_delis32.ini
[2009/07/01 20:49:31 | 000,100,864 | ---- | C] () -- E:\WINDOWS\System32\Dc50ip32.dll
[2009/07/01 20:49:31 | 000,065,864 | ---- | C] () -- E:\WINDOWS\System32\Digita.sys
[2009/07/01 20:49:31 | 000,007,808 | ---- | C] () -- E:\WINDOWS\System32\dc240u.sys
[2009/07/01 20:49:31 | 000,006,144 | ---- | C] () -- E:\WINDOWS\System32\ImgLibLead.dll
[2009/07/01 20:49:25 | 000,210,944 | ---- | C] () -- E:\WINDOWS\System32\MSVCRT10.DLL
[2009/07/01 20:49:25 | 000,048,640 | ---- | C] () -- E:\WINDOWS\catalogSubInstaller.exe
[2009/06/23 10:50:10 | 000,204,884 | ---- | C] () -- E:\WINDOWS\System32\spxusb.dll
[2009/06/23 10:45:58 | 000,438,272 | ---- | C] () -- E:\WINDOWS\System32\STLibWrapper.dll
[2009/06/23 10:45:58 | 000,055,808 | ---- | C] () -- E:\WINDOWS\System32\zlib1.dll
[2009/06/23 10:45:54 | 000,748,160 | ---- | C] () -- E:\WINDOWS\System32\co2c40en.dll
[2009/05/27 16:28:39 | 000,000,021 | ---- | C] () -- E:\WINDOWS\atid.ini
[2009/05/01 19:52:07 | 000,000,144 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\rx_image32.Cache
[2009/04/09 20:03:51 | 000,061,440 | ---- | C] () -- E:\WINDOWS\System32\wintab32.dll
[2009/04/09 20:01:41 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3044593.exe
[2009/04/09 20:01:22 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3026343.exe
[2009/04/09 20:01:08 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3012609.exe
[2009/04/09 20:00:56 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3000171.exe
[2009/04/09 19:18:20 | 000,002,186 | ---- | C] () -- E:\WINDOWS\print3d.dat
[2009/04/09 19:16:35 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa338390.exe
[2009/04/09 19:16:11 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa315062.exe
[2009/04/08 20:21:53 | 000,000,042 | ---- | C] () -- E:\WINDOWS\creator.INI
[2009/04/06 19:16:35 | 000,183,808 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/03 22:30:10 | 000,000,000 | ---- | C] () -- E:\WINDOWS\nsreg.dat
[2009/04/03 21:39:09 | 000,004,984 | ---- | C] () -- E:\WINDOWS\System32\drivers\nvphy.bin
[2009/04/03 21:38:36 | 000,005,810 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASACPI.sys
[2009/04/03 21:38:27 | 000,025,020 | ---- | C] () -- E:\WINDOWS\Ascd_tmp.ini
[2009/04/03 21:38:26 | 000,010,296 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/04/03 21:20:57 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2009/04/03 21:16:59 | 000,021,640 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat
[2009/03/30 15:53:03 | 000,004,161 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2009/03/30 15:50:22 | 000,317,952 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2008/08/01 02:48:00 | 001,724,416 | ---- | C] () -- E:\WINDOWS\System32\nvwdmcpl.dll
[2008/08/01 02:48:00 | 001,657,376 | ---- | C] () -- E:\WINDOWS\System32\nwiz.exe
[2008/08/01 02:48:00 | 001,503,232 | ---- | C] () -- E:\WINDOWS\System32\nview.dll
[2008/08/01 02:48:00 | 001,346,080 | ---- | C] () -- E:\WINDOWS\System32\nvdspsch.exe
[2008/08/01 02:48:00 | 001,101,824 | ---- | C] () -- E:\WINDOWS\System32\nvwimg.dll
[2008/08/01 02:48:00 | 000,466,944 | ---- | C] () -- E:\WINDOWS\System32\nvshell.dll
[2008/08/01 02:48:00 | 000,449,056 | ---- | C] () -- E:\WINDOWS\System32\nvappbar.exe
[2008/08/01 02:48:00 | 000,436,768 | ---- | C] () -- E:\WINDOWS\System32\keystone.exe
[2008/08/01 02:48:00 | 000,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- E:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- E:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- E:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- E:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- E:\WINDOWS\System32\gthrctr.ini
[2006/11/02 20:40:12 | 000,174,656 | ---- | C] () -- E:\WINDOWS\System32\PSIService.exe
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- E:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- E:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,527,044 | ---- | C] () -- E:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- E:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- E:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,096,392 | ---- | C] () -- E:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- E:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- E:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- E:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- E:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- E:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- E:\WINDOWS\System32\noise.dat
[2004/01/30 15:07:46 | 000,245,408 | ---- | C] () -- E:\WINDOWS\System32\unicows.dll
[2000/10/25 17:15:00 | 000,017,920 | ---- | C] () -- E:\WINDOWS\System32\Implode.dll
[1999/03/12 00:00:00 | 000,299,008 | ---- | C] () -- E:\WINDOWS\System32\Crutl14.dll

========== LOP Check ==========

[2009/05/27 16:28:10 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\acccore
[2009/12/02 18:23:05 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\AIM
[2011/11/05 17:56:32 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\avg9
[2011/07/17 15:17:41 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\boost_interprocess
[2009/09/25 14:57:15 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\CA
[2011/03/14 18:02:37 | 000,000,000 | -H-D | M] -- E:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/27 10:43:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\PhotoShow Shared Assets
[2011/08/25 19:33:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Scanning Suite
[2010/10/22 14:42:16 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Seagate
[2009/04/09 19:31:35 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011/07/30 20:13:33 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Temp
[2009/04/09 19:55:20 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Uninstall
[2009/05/22 21:09:27 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/20 12:41:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/24 11:29:58 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/05/27 16:29:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\acccore
[2009/04/04 21:00:43 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Aim
[2010/09/29 17:27:47 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\BitTorrent
[2010/09/27 19:36:29 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\CVS
[2010/12/27 21:59:44 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Driver Smith
[2010/06/18 18:34:53 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Facebook
[2011/11/01 20:56:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\FrostWire
[2009/11/14 19:03:15 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Home Designer Suite 8.0
[2011/07/17 21:43:17 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\mediabarim
[2009/04/09 20:08:03 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\progeSOFT
[2011/03/27 10:43:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Simple Star
[2011/08/24 22:06:54 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\uTorrent
[2009/04/26 14:41:53 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Viewpoint
[2009/04/04 19:38:31 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Windows Desktop Search
[2009/04/06 18:57:00 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Dad\Application Data\Windows Search
[2011/11/05 17:56:02 | 000,000,486 | ---- | M] () -- E:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/11/05 17:56:02 | 000,000,298 | -HS- | M] () -- E:\WINDOWS\Tasks\ytortd.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> E:\Documents and Settings\All Users\Application Data\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> E:\Documents and Settings\All Users\Application Data\Temp:DFC5A2B2

< End of report >

#2
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c


:processes
killallprocesses

:OTL
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.6102
[2011/10/22 19:35:56 | 000,000,000 | ---D | M] (XUL Cache) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{8c0957e4-7ebf-42bf-b156-fa52cb9ee903}
[2011/06/21 22:19:32 | 000,000,000 | ---D | M] (XULRunner) -- E:\DOCUMENTS AND SETTINGS\DAD\LOCAL SETTINGS\APPLICATION DATA\{2EB67873-6E82-4E77-93A0-14AD44ED788A}
[2009/04/06 18:48:05 | 000,000,000 | ---D | M] (Java Quick Starter) -- E:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
O2 - BHO: (Reg Error: Value error.) - {021103B9-9470-458B-9D57-66C87A28F329} - E:\Documents and Settings\Dad\Local Settings\Application Data\ServiceWin32.dll File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - E:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O20 - AppInit_DLLs: (E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - File not found
[2011/11/05 17:56:02 | 000,000,298 | -HS- | M] () -- E:\WINDOWS\tasks\ytortd.job
[2011/10/20 17:17:02 | 000,000,004 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\dfa85bc2
[2011/10/20 17:15:29 | 000,000,004 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\3f75a43d
[2011/10/20 17:10:39 | 000,000,000 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\28d02c38
[2011/10/19 17:57:05 | 000,000,004 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\57d054c2
[2011/06/21 22:19:33 | 000,000,120 | ---- | C] () -- E:\WINDOWS\Srizuresi.dat
[2011/06/21 22:19:33 | 000,000,000 | ---- | C] () -- E:\WINDOWS\Fveruteroyowuya.bin
[2009/04/09 20:01:41 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3044593.exe
[2009/04/09 20:01:22 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3026343.exe
[2009/04/09 20:01:08 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3012609.exe
[2009/04/09 20:00:56 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa3000171.exe
[2009/04/09 19:18:20 | 000,002,186 | ---- | C] () -- E:\WINDOWS\print3d.dat
[2009/04/09 19:16:35 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa338390.exe
[2009/04/09 19:16:11 | 155,655,543 | ---- | C] () -- E:\WINDOWS\System32\xa315062.exe

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
    
:Commands
[purity]
[Reboot]

Then run OTL and, under the Custom Scans/Fixes box at the bottom, paste (Ctrl + V) the text. Verify that you got it all and then click the Run Fix button at the top.
Let the program run unhindered; OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Open OTL again and select either the Use SafeList or All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double-click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console, then Continue. When the scan completes, Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.



Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt". Please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
Uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Your anti-virus is obsolete.

Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe

Download and save the free Avast installer.
http://www.avast.com...ivirus-download
Uninstall AVG

Run the Avg Remover

Reboot

Install Avast. (Register when it asks you - they will try to talk you into buying the full product but the free version is what we want.)
Once you have it installed and it has updated:

Click on the Avast ball. Then click on Scan Computer, then on Boot-Time Scan, then on Settings. Change the Ask at the bottom to Move to Chest. OK then Schedule Now. Reboot and let it run a scan. It may take hours.
Once it finishes it should load Windows. Click on the Avast ball and then on Scan Logs, select the Boot-time scan report, then View Results. How many did it find?

I think on XP systems the log file can be found in text form in C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\boot.txt
If you find it, copy and paste it into a reply.

Run OTL

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Ron

#3
Derobmai41

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Scans all complete. In aswmbr.exe only FixMBR is enabled, not the Fix button.

========== PROCESSES ==========
All processes killed
========== OTL ==========
Prefs.js: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.6102 removed from extensions.enabledItems
E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{8c0957e4-7ebf-42bf-b156-fa52cb9ee903}\defaults\preferences folder moved successfully.
E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{8c0957e4-7ebf-42bf-b156-fa52cb9ee903}\defaults folder moved successfully.
E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{8c0957e4-7ebf-42bf-b156-fa52cb9ee903}\chrome folder moved successfully.
E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{8c0957e4-7ebf-42bf-b156-fa52cb9ee903} folder moved successfully.
E:\DOCUMENTS AND SETTINGS\DAD\LOCAL SETTINGS\APPLICATION DATA\{2EB67873-6E82-4E77-93A0-14AD44ED788A}\chrome\content folder moved successfully.
E:\DOCUMENTS AND SETTINGS\DAD\LOCAL SETTINGS\APPLICATION DATA\{2EB67873-6E82-4E77-93A0-14AD44ED788A}\chrome folder moved successfully.
E:\DOCUMENTS AND SETTINGS\DAD\LOCAL SETTINGS\APPLICATION DATA\{2EB67873-6E82-4E77-93A0-14AD44ED788A} folder moved successfully.
E:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF\chrome\content folder moved successfully.
E:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF\chrome folder moved successfully.
E:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{021103B9-9470-458B-9D57-66C87A28F329}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{021103B9-9470-458B-9D57-66C87A28F329}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25BC7718-0BFA-40EA-B381-4B2D9732D686}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25BC7718-0BFA-40EA-B381-4B2D9732D686}\ deleted successfully.
E:\Program Files\Yahoo!\Search Protection\ysp.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
E:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
File E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:E:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll deleted successfully.
E:\WINDOWS\tasks\ytortd.job moved successfully.
E:\Documents and Settings\Dad\Application Data\dfa85bc2 moved successfully.
E:\Documents and Settings\Dad\Application Data\3f75a43d moved successfully.
E:\Documents and Settings\Dad\Application Data\28d02c38 moved successfully.
E:\Documents and Settings\Dad\Application Data\57d054c2 moved successfully.
E:\WINDOWS\Srizuresi.dat moved successfully.
E:\WINDOWS\Fveruteroyowuya.bin moved successfully.
E:\WINDOWS\system32\xa3044593.exe moved successfully.
E:\WINDOWS\system32\xa3026343.exe moved successfully.
E:\WINDOWS\system32\xa3012609.exe moved successfully.
E:\WINDOWS\system32\xa3000171.exe moved successfully.
E:\WINDOWS\print3d.dat moved successfully.
E:\WINDOWS\system32\xa338390.exe moved successfully.
E:\WINDOWS\system32\xa315062.exe moved successfully.
========== FILES ==========
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
E:\Documents and Settings\Dad\Desktop\Tools\cmd.bat deleted successfully.
E:\Documents and Settings\Dad\Desktop\Tools\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
E:\Documents and Settings\Dad\Desktop\Tools\cmd.bat deleted successfully.
E:\Documents and Settings\Dad\Desktop\Tools\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
E:\Documents and Settings\Dad\Desktop\Tools\cmd.bat deleted successfully.
E:\Documents and Settings\Dad\Desktop\Tools\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
E:\Documents and Settings\Dad\Desktop\Tools\cmd.bat deleted successfully.
E:\Documents and Settings\Dad\Desktop\Tools\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.31.0 log created on 11062011_122229

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


==============================================================================================================


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8097

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/6/2011 12:33:03 PM
mbam-log-2011-11-06 (12-33-03).txt

Scan type: Quick scan
Objects scanned: 185650
Time elapsed: 3 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


===============================================================================================================


ComboFix 11-11-06.02 - Dad 11/06/2011 12:40:58.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1917.1505 [GMT -5:00]
Running from: e:\documents and settings\Dad\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\documents and settings\All Users\Application Data\DragToDiscUserNameD.txt
e:\documents and settings\All Users\Application Data\pswi_preloaded.exe
e:\documents and settings\All Users\Application Data\TEMP
e:\documents and settings\All Users\Application Data\TEMP\AVG\avgfinst.dat
e:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg
e:\documents and settings\All Users\Application Data\TEMP\AVG\crt_x64.msi
e:\documents and settings\All Users\Application Data\TEMP\AVG\files.dat
e:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm
e:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg
e:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg
e:\documents and settings\All Users\Application Data\TEMP\AVG\setup.dat
e:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
e:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupcz.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupda.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupfr.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupge.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setuphu.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupid.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupin.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupit.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupjp.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupko.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupms.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupnl.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setuppb.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setuppl.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setuppt.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupru.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupsc.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupsk.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupsp.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setuptr.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupus.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupzh.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\setupzt.lns
e:\documents and settings\All Users\Application Data\TEMP\AVG\vcredis1.cab
e:\documents and settings\All Users\Application Data\TEMP\AVG\vcredist.msi
e:\documents and settings\Dad\jqcxomxjgn.tmp
e:\documents and settings\Dad\Start Menu\301.lnk
e:\documents and settings\Dad\WINDOWS
e:\windows\system32\system
.
.
((((((((((((((((((((((((( Files Created from 2011-10-06 to 2011-11-06 )))))))))))))))))))))))))))))))
.
.
2011-11-06 17:28 . 2011-08-31 22:00 22216 ----a-w- e:\windows\system32\drivers\mbam.sys
2011-11-06 17:22 . 2011-11-06 17:22 -------- d-----w- E:\_OTL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 15:41 . 2008-07-29 23:59 611328 ----a-w- e:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-04 12:00 220160 ----a-w- e:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-04 12:00 20480 ----a-w- e:\windows\system32\oleaccrc.dll
2011-09-09 09:12 . 2004-08-04 12:00 599040 ----a-w- e:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-04 12:00 1858944 ------w- e:\windows\system32\win32k.sys
2011-08-22 23:48 . 2004-08-04 12:00 916480 ----a-w- e:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-04 12:00 43520 ------w- e:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-04 12:00 1469440 ------w- e:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-04 12:00 385024 ------w- e:\windows\system32\html.iec
2011-08-17 21:56 . 2011-08-17 21:56 101720 ----a-w- e:\windows\system32\drivers\SBREDrv.sys
2011-08-17 13:49 . 2004-08-04 12:00 138496 ------w- e:\windows\system32\drivers\afd.sys
2011-10-08 14:11 . 2011-04-08 22:12 134104 ----a-w- e:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="e:\windows\system32\NvCpl.dll" [2008-09-18 13574144]
"HDAudDeck"="e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-09-16 30023680]
"NvMediaCenter"="e:\windows\system32\NvMcTray.dll" [2008-09-18 86016]
"Malwarebytes' Anti-Malware"="e:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/w...54&ver=9.0.894" [?]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "e:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=e:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=e:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\E:^Documents and Settings^Dad^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=e:\documents and settings\Dad\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=e:\windows\pss\LimeWire On Startup.lnkStartup
.
[HKLM\~\startupfolder\E:^Documents and Settings^Dad^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=e:\documents and settings\Dad\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=e:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
e:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2009-10-16 22:42 904840 ----a-w- e:\program files\Seagate\DiscWizard\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 06:04 39792 -c--a-w- e:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2007-02-06 15:20 478800 ----a-w- e:\program files\CVS\CVS Photo Editor Plus\Corel Photo Downloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPMonitor]
2010-08-25 16:27 84464 ----a-w- e:\program files\Roxio\CinePlayer\5.0\CPMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
2010-06-30 13:10 477680 ----a-w- e:\program files\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
2009-10-16 22:37 1325936 ----a-w- e:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 15:44 31072 -c--a-w- e:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 21:33 141600 ----a-w- e:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 19:39 1090952 ----a-w- e:\program files\Malwarebytes' Anti-Malware\123452.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-11-10 20:39 5244216 ----a-w- e:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- e:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 21:44 3883856 ----a-w- e:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-09-18 03:55 1657376 ------w- e:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
2003-07-15 16:36 319488 ----a-w- e:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2003-09-24 18:02 868352 ----a-w- e:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
2003-05-01 22:44 65536 ----a-w- e:\program files\Common Files\Roxio Shared\System\EngUtil.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2010-07-16 10:48 307184 ----a-w- e:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Scheduler2 Service]
2009-10-16 22:39 136544 ----a-w- e:\program files\Common Files\Seagate\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-04-06 22:48 148888 -c--a-w- e:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-12-22 22:01 395640 ----a-w- e:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2010-04-01 03:34 243000 ----a-w- e:\program files\Yahoo!\Search Protection\YspService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"RoxWatch11"=2 (0x2)
"RoxMediaDB11"=3 (0x3)
"RoxLiveShare11"=2 (0x2)
"Roxio Upnp Server 11"=2 (0x2)
"Roxio UPnP Renderer 11"=3 (0x3)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"iPod Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"YahooAUService"=2 (0x2)
"WSearch"=2 (0x2)
"SgtSch2Svc"=2 (0x2)
"ProtexisLicensing"=2 (0x2)
"Bonjour Service"=2 (0x2)
"SeaPort"=2 (0x2)
"BOT4Service"=2 (0x2)
"9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269"=2 (0x2)
"sdCoreService"=2 (0x2)
"Browser Defender Update Service"=2 (0x2)
"sdAuxService"=2 (0x2)
"RoxWatch12"=2 (0x2)
"RoxMediaDB13"=3 (0x3)
"Lavasoft Ad-Aware Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\AIM\\aim.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"e:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Program Files\\AIM7\\aim.exe"=
"e:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\iTunes\\iTunes.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"e:\\Program Files\\FrostWire\\FrostWire.exe"=
"e:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
R0 SahdIa32;HDD Filter Driver;e:\windows\system32\drivers\SahdIa32.sys [3/27/2011 9:49 AM 21488]
R0 SaibIa32;Volume Filter Driver;e:\windows\system32\drivers\SaibIa32.sys [3/27/2011 9:49 AM 15856]
R1 c2scsi;c2scsi;e:\windows\system32\drivers\c2scsi.sys [11/14/2009 5:15 PM 244608]
R1 SaibVd32;Virtual Disk Driver;e:\windows\system32\drivers\SaibVd32.sys [3/27/2011 9:49 AM 25584]
R1 SBRE;SBRE;e:\windows\system32\drivers\SBREDrv.sys [8/17/2011 4:56 PM 101720]
R2 MBAMService;MBAMService;e:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/6/2011 12:28 PM 366152]
R2 WinDefend;Windows Defender;e:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 MBAMProtector;MBAMProtector;e:\windows\system32\drivers\mbam.sys [11/6/2011 12:28 PM 22216]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;e:\windows\system32\drivers\viahduaa.sys [4/3/2009 8:40 PM 874240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\e:\windows\system32\drivers\mbamswissarmy.sys --> e:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;e:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;e:\program files\Roxio\BackOnTrack\App\SaibSVC.exe [6/2/2009 6:05 PM 457200]
S4 BOT4Service;BOT4Service;e:\program files\Roxio\BackOnTrack\App\BService.exe [8/30/2010 10:14 PM 39408]
S4 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"e:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe" --> e:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [?]
S4 RoxMediaDB13;RoxMediaDB13;e:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [7/16/2010 5:48 AM 1099248]
S4 RoxWatch12;Roxio Hard Drive Watcher 12;e:\program files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [7/16/2010 5:48 AM 354288]
S4 SgtSch2Svc;Seagate Scheduler2 Service;e:\program files\Common Files\Seagate\Schedule2\schedul2.exe [10/16/2009 5:39 PM 431456]
S4 Viewpoint Manager Service;Viewpoint Manager Service;e:\program files\Viewpoint\Common\ViewpointService.exe [5/22/2009 8:09 PM 24652]
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-22 e:\windows\Tasks\AppleSoftwareUpdate.job
- e:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
2011-11-06 e:\windows\Tasks\MP Scheduled Scan.job
- e:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
TCP: DhcpNameServer = 167.206.254.2 167.206.254.1
FF - ProfilePath - e:\documents and settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(general.useragent.extra.brc,
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Aim6 - e:\program files\AIM6\aim6.exe
MSConfigStartUp-ApnUpdater - e:\program files\Ask.com\Updater\Updater.exe
MSConfigStartUp-BitTorrent - e:\program files\BitTorrent\BitTorrent.exe
MSConfigStartUp-CSmileys - e:\progra~1\Crawler\Smileys\CSmileysIM.exe
MSConfigStartUp-DATAMNGR - e:\progra~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
MSConfigStartUp-ISTray - e:\program files\PC Tools Security\pctsGui.exe
MSConfigStartUp-JavaNotifierProfile - e:\documents and settings\All Users\Application Data\JavaNotifierProfile.dll
MSConfigStartUp-Malware Protection - e:\documents and settings\All Users\Application Data\defender.exe
MSConfigStartUp-Microsoft Default Manager - e:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
MSConfigStartUp-Ofilo - e:\windows\uqaxavowiyel.dll
MSConfigStartUp-PCTools FGuard - e:\program files\PC Tools Security\BDT\FGuard.exe
MSConfigStartUp-QuickTime Task - e:\program files\QuickTime\qttask.exe
MSConfigStartUp-Search Protection - e:\program files\Yahoo!\Search Protection\SearchProtection.exe
.
.
.
**************************************************************************
.
disk not found E:\
.
please note that you need administrator rights to perform deep scan
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1956)
e:\windows\system32\WININET.dll
e:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
e:\windows\system32\ieframe.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
e:\windows\system32\nvsvc32.exe
e:\windows\system32\MsPMSPSv.exe
e:\windows\system32\wscntfy.exe
e:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Completion time: 2011-11-06 12:54:19 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-06 17:54
.
Pre-Run: 7,538,077,696 bytes free
Post-Run: 7,489,232,896 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - F0FD12A77DFA46C729FB099393BDDA50


=================================================================================================================


12:58:34.0718 3336 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
12:58:36.0328 3336 ============================================================
12:58:36.0328 3336 Current date / time: 2011/11/06 12:58:36.0328
12:58:36.0328 3336 SystemInfo:
12:58:36.0328 3336
12:58:36.0328 3336 OS Version: 5.1.2600 ServicePack: 3.0
12:58:36.0328 3336 Product type: Workstation
12:58:36.0328 3336 ComputerName: HOME
12:58:36.0328 3336 UserName: Dad
12:58:36.0328 3336 Windows directory: E:\WINDOWS
12:58:36.0328 3336 System windows directory: E:\WINDOWS
12:58:36.0328 3336 Processor architecture: Intel x86
12:58:36.0328 3336 Number of processors: 2
12:58:36.0328 3336 Page size: 0x1000
12:58:36.0328 3336 Boot type: Normal boot
12:58:36.0328 3336 ============================================================
12:58:37.0125 3336 Initialize success
12:58:39.0750 3412 ============================================================
12:58:39.0750 3412 Scan started
12:58:39.0750 3412 Mode: Manual;
12:58:39.0750 3412 ============================================================
12:58:40.0234 3412 Abiosdsk - ok
12:58:40.0234 3412 abp480n5 - ok
12:58:40.0234 3412 ACPI - ok
12:58:40.0250 3412 ACPIEC - ok
12:58:40.0250 3412 adpu160m - ok
12:58:40.0250 3412 aec - ok
12:58:40.0250 3412 AFD - ok
12:58:40.0250 3412 Aha154x - ok
12:58:40.0250 3412 aic78u2 - ok
12:58:40.0250 3412 aic78xx - ok
12:58:40.0250 3412 AliIde - ok
12:58:40.0265 3412 amsint - ok
12:58:40.0265 3412 asc - ok
12:58:40.0265 3412 asc3350p - ok
12:58:40.0265 3412 asc3550 - ok
12:58:40.0265 3412 AsyncMac - ok
12:58:40.0281 3412 atapi - ok
12:58:40.0281 3412 Atdisk - ok
12:58:40.0281 3412 Atmarpc - ok
12:58:40.0281 3412 audstub - ok
12:58:40.0281 3412 Beep - ok
12:58:40.0281 3412 c2scsi - ok
12:58:40.0281 3412 catchme - ok
12:58:40.0296 3412 cbidf2k - ok
12:58:40.0296 3412 cd20xrnt - ok
12:58:40.0296 3412 Cdaudio - ok
12:58:40.0296 3412 Cdfs - ok
12:58:40.0296 3412 Cdr4_xp - ok
12:58:40.0296 3412 Cdralw2k - ok
12:58:40.0296 3412 Cdrom - ok
12:58:40.0296 3412 cdudf_xp - ok
12:58:40.0312 3412 Changer - ok
12:58:40.0312 3412 CmdIde - ok
12:58:40.0312 3412 Cpqarray - ok
12:58:40.0312 3412 dac2w2k - ok
12:58:40.0312 3412 dac960nt - ok
12:58:40.0328 3412 Disk - ok
12:58:40.0328 3412 dmboot - ok
12:58:40.0328 3412 dmio - ok
12:58:40.0328 3412 dmload - ok
12:58:40.0328 3412 DMusic - ok
12:58:40.0328 3412 dpti2o - ok
12:58:40.0328 3412 drmkaud - ok
12:58:40.0343 3412 DVDVRRdr_xp - ok
12:58:40.0343 3412 dvd_2K - ok
12:58:40.0343 3412 Fastfat - ok
12:58:40.0343 3412 Fdc - ok
12:58:40.0343 3412 Fips - ok
12:58:40.0343 3412 Flpydisk - ok
12:58:40.0359 3412 FltMgr - ok
12:58:40.0359 3412 Fs_Rec - ok
12:58:40.0359 3412 Ftdisk - ok
12:58:40.0359 3412 GEARAspiWDM - ok
12:58:40.0359 3412 Gpc - ok
12:58:40.0359 3412 Hardlock - ok
12:58:40.0359 3412 Haspnt - ok
12:58:40.0359 3412 HDAudBus - ok
12:58:40.0375 3412 HidUsb - ok
12:58:40.0375 3412 hpn - ok
12:58:40.0375 3412 HTTP - ok
12:58:40.0375 3412 i2omgmt - ok
12:58:40.0375 3412 i2omp - ok
12:58:40.0375 3412 i8042prt - ok
12:58:40.0375 3412 Imapi - ok
12:58:40.0390 3412 ini910u - ok
12:58:40.0390 3412 IntelIde - ok
12:58:40.0390 3412 intelppm - ok
12:58:40.0390 3412 Ip6Fw - ok
12:58:40.0390 3412 IpFilterDriver - ok
12:58:40.0390 3412 IpInIp - ok
12:58:40.0390 3412 IpNat - ok
12:58:40.0406 3412 IPSec - ok
12:58:40.0406 3412 IRENUM - ok
12:58:40.0406 3412 isapnp - ok
12:58:40.0406 3412 Kbdclass - ok
12:58:40.0406 3412 kbdhid - ok
12:58:40.0406 3412 kmixer - ok
12:58:40.0406 3412 KSecDD - ok
12:58:40.0421 3412 lbrtfdc - ok
12:58:40.0421 3412 MBAMProtector - ok
12:58:40.0421 3412 MBAMSwissArmy - ok
12:58:40.0421 3412 MCSTRM - ok
12:58:40.0421 3412 mmc_2K - ok
12:58:40.0421 3412 mnmdd - ok
12:58:40.0437 3412 Modem - ok
12:58:40.0437 3412 monfilt - ok
12:58:40.0437 3412 Mouclass - ok
12:58:40.0437 3412 MountMgr - ok
12:58:40.0437 3412 mraid35x - ok
12:58:40.0437 3412 MRxDAV - ok
12:58:40.0437 3412 MRxSmb - ok
12:58:40.0453 3412 Msfs - ok
12:58:40.0453 3412 MSKSSRV - ok
12:58:40.0453 3412 MSPCLOCK - ok
12:58:40.0453 3412 MSPQM - ok
12:58:40.0453 3412 mssmbios - ok
12:58:40.0453 3412 MTsensor - ok
12:58:40.0453 3412 Mup - ok
12:58:40.0468 3412 NDIS - ok
12:58:40.0484 3412 NdisTapi - ok
12:58:40.0484 3412 Ndisuio - ok
12:58:40.0484 3412 NdisWan - ok
12:58:40.0484 3412 NDProxy - ok
12:58:40.0484 3412 NetBIOS - ok
12:58:40.0484 3412 NetBT - ok
12:58:40.0500 3412 Npfs - ok
12:58:40.0500 3412 Ntfs - ok
12:58:40.0500 3412 Null - ok
12:58:40.0500 3412 nv - ok
12:58:40.0500 3412 NVENETFD - ok
12:58:40.0500 3412 nvnetbus - ok
12:58:40.0500 3412 NwlnkFlt - ok
12:58:40.0515 3412 NwlnkFwd - ok
12:58:40.0515 3412 Parport - ok
12:58:40.0515 3412 PartMgr - ok
12:58:40.0515 3412 ParVdm - ok
12:58:40.0515 3412 PCI - ok
12:58:40.0515 3412 PCIDump - ok
12:58:40.0515 3412 PCIIde - ok
12:58:40.0515 3412 Pcmcia - ok
12:58:40.0531 3412 PDCOMP - ok
12:58:40.0531 3412 PDFRAME - ok
12:58:40.0531 3412 PDRELI - ok
12:58:40.0531 3412 PDRFRAME - ok
12:58:40.0531 3412 perc2 - ok
12:58:40.0531 3412 perc2hib - ok
12:58:40.0546 3412 PptpMiniport - ok
12:58:40.0546 3412 PSched - ok
12:58:40.0546 3412 Ptilink - ok
12:58:40.0546 3412 pwd_2k - ok
12:58:40.0546 3412 PxHelp20 - ok
12:58:40.0546 3412 ql1080 - ok
12:58:40.0546 3412 Ql10wnt - ok
12:58:40.0546 3412 ql12160 - ok
12:58:40.0562 3412 ql1240 - ok
12:58:40.0562 3412 ql1280 - ok
12:58:40.0562 3412 RasAcd - ok
12:58:40.0562 3412 Rasl2tp - ok
12:58:40.0562 3412 RasPppoe - ok
12:58:40.0562 3412 Raspti - ok
12:58:40.0562 3412 Rdbss - ok
12:58:40.0562 3412 RDPCDD - ok
12:58:40.0578 3412 rdpdr - ok
12:58:40.0578 3412 RDPWD - ok
12:58:40.0578 3412 redbook - ok
12:58:40.0593 3412 SahdIa32 - ok
12:58:40.0593 3412 SaibIa32 - ok
12:58:40.0593 3412 SaibVd32 - ok
12:58:40.0593 3412 SBRE - ok
12:58:40.0593 3412 Secdrv - ok
12:58:40.0593 3412 serenum - ok
12:58:40.0609 3412 Serial - ok
12:58:40.0609 3412 Sfloppy - ok
12:58:40.0609 3412 Simbad - ok
12:58:40.0625 3412 snapman - ok
12:58:40.0625 3412 Sparrow - ok
12:58:40.0625 3412 splitter - ok
12:58:40.0625 3412 sr - ok
12:58:40.0625 3412 Srv - ok
12:58:40.0625 3412 swenum - ok
12:58:40.0625 3412 swmidi - ok
12:58:40.0640 3412 symc810 - ok
12:58:40.0640 3412 symc8xx - ok
12:58:40.0640 3412 sym_hi - ok
12:58:40.0640 3412 sym_u3 - ok
12:58:40.0640 3412 sysaudio - ok
12:58:40.0640 3412 Tcpip - ok
12:58:40.0640 3412 TDPIPE - ok
12:58:40.0656 3412 tdrpman - ok
12:58:40.0656 3412 TDTCP - ok
12:58:40.0656 3412 TermDD - ok
12:58:40.0656 3412 tifsfilter - ok
12:58:40.0656 3412 timounter - ok
12:58:40.0656 3412 TosIde - ok
12:58:40.0656 3412 UdfReadr_xp - ok
12:58:40.0671 3412 Udfs - ok
12:58:40.0671 3412 ultra - ok
12:58:40.0671 3412 Update - ok
12:58:40.0671 3412 USBAAPL - ok
12:58:40.0671 3412 usbbus - ok
12:58:40.0671 3412 usbccgp - ok
12:58:40.0687 3412 UsbDiag - ok
12:58:40.0687 3412 usbehci - ok
12:58:40.0687 3412 usbhub - ok
12:58:40.0687 3412 USBModem - ok
12:58:40.0687 3412 usbohci - ok
12:58:40.0687 3412 usbscan - ok
12:58:40.0687 3412 usbser - ok
12:58:40.0687 3412 USBSTOR - ok
12:58:40.0687 3412 VgaSave - ok
12:58:40.0703 3412 VIAHdAudAddService - ok
12:58:40.0703 3412 ViaIde - ok
12:58:40.0703 3412 VolSnap - ok
12:58:40.0703 3412 Wanarp - ok
12:58:40.0703 3412 WDICA - ok
12:58:40.0703 3412 wdmaud - ok
12:58:40.0718 3412 WpdUsb - ok
12:58:40.0718 3412 WS2IFSL - ok
12:58:40.0734 3412 WudfPf - ok
12:58:40.0734 3412 WudfRd - ok
12:58:40.0750 3412 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:58:40.0843 3412 \Device\Harddisk0\DR0 - ok
12:58:40.0859 3412 Boot (0x1200) (78af15809cd83cfdd5b9626e3baf5069) \Device\Harddisk0\DR0\Partition0
12:58:40.0859 3412 \Device\Harddisk0\DR0\Partition0 - ok
12:58:40.0859 3412 Boot (0x1200) (172892a770e4c6aba7a1c96841b8d337) \Device\Harddisk0\DR0\Partition1
12:58:40.0875 3412 \Device\Harddisk0\DR0\Partition1 - ok
12:58:40.0875 3412 ============================================================
12:58:40.0875 3412 Scan finished
12:58:40.0875 3412 ============================================================
12:58:40.0875 3524 Detected object count: 0
12:58:40.0875 3524 Actual detected object count: 0
12:59:07.0875 3360 Deinitialize success


=================================================================================================================


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-06 13:12:34
-----------------------------
13:12:34.687 OS Version: Windows 5.1.2600 Service Pack 3
13:12:34.687 Number of processors: 2 586 0x170A
13:12:34.687 ComputerName: HOME UserName: Dad
13:12:37.500 Initialize success
13:12:41.515 AVAST engine defs: 11110601
13:12:46.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6
13:12:46.171 Disk 0 Vendor: ST3160813AS CC2F Size: 152627MB BusType: 3
13:12:48.203 Disk 0 MBR read successfully
13:12:48.203 Disk 0 MBR scan
13:12:48.234 Disk 0 Windows XP default MBR code
13:12:48.281 Disk 0 scanning sectors +312576705
13:12:48.453 Disk 0 scanning E:\WINDOWS\system32\drivers
13:13:19.078 Service scanning
13:13:19.796 Modules scanning
13:13:52.312 AVAST engine scan E:\WINDOWS
13:14:38.546 AVAST engine scan E:\WINDOWS\system32
13:18:42.937 AVAST engine scan E:\WINDOWS\system32\drivers
13:19:08.765 AVAST engine scan E:\Documents and Settings\Dad
13:31:34.843 AVAST engine scan E:\Documents and Settings\All Users
13:33:48.234 Scan finished successfully
13:40:03.765 Disk 0 MBR has been saved successfully to "E:\Documents and Settings\Dad\Desktop\Tools\MBR.dat"
13:40:03.765 The log file has been saved successfully to "E:\Documents and Settings\Dad\Desktop\Tools\aswMBR.txt"



=============================================================================================================


2011-11-06 18:40:23,578 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-11-06 18:40:23,578 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-11-06 18:40:23,578 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-11-06 18:40:23,578 INFO Command line: "E:\Documents and Settings\Dad\Desktop\Tools\avg_remover_stf_x86_2011_1184.exe"
2011-11-06 18:40:23,578 WARN AvgDir param empty.
2011-11-06 18:40:23,578 WARN AvgAdminDir param empty.
2011-11-06 18:40:23,578 WARN AvgDataDir param empty.
2011-11-06 18:40:28,796 INFO AvgRemover runs in attempt number 1
2011-11-06 18:40:28,796 INFO ***** Msi data *****
2011-11-06 18:40:28,859 DEBUG No product code found for our upgrade codes, nothing to do here
2011-11-06 18:40:28,859 INFO ***** Exchange&Outlook plugins data *****
2011-11-06 18:40:28,859 INFO Removing AvgOutlook addin
2011-11-06 18:40:28,859 INFO AvgOutlook Removing HKCR addin keys x86
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'avgoutlook.Addin': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2011-11-06 18:40:28,859 INFO AvgOutlook Removing HKCR addin keys x64
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'avgoutlook.Addin': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2011-11-06 18:40:28,859 DEBUG Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2011-11-06 18:40:28,859 INFO Removing Sharepoint plugin if exists
2011-11-06 18:40:28,859 INFO Removing Antispam plugin for Exchange 2000/2003 if exists
2011-11-06 18:40:28,859 DEBUG Stopping service 'MSExchangeIS' to remove VSAPI plugin...
2011-11-06 18:40:29,015 DEBUG Service MSExchangeIS Stop failed (error: c0070424)
2011-11-06 18:40:29,015 DEBUG Exchange&Outlook plugins removal failed with error 0xc0070424
2011-11-06 18:40:29,015 INFO ***** Services *****
2011-11-06 18:40:29,031 INFO Processing service avg8emc, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avgfws8, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avg8wd, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgWFPa, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service avg8emc is not installed
2011-11-06 18:40:29,031 INFO Service avgfws8 is not installed
2011-11-06 18:40:29,031 INFO Service avg8wd is not installed
2011-11-06 18:40:29,031 INFO Processing service AvgMfx86, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgWFPx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service AvgWFPa is not installed
2011-11-06 18:40:29,031 INFO Processing service AvgLdx86, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgTdiX, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avg9wd, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgRkx86, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgTdiA, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgLdx64, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgMfx64, it can take several minutes...
2011-11-06 18:40:29,031 DEBUG Service avg8emc RegCleanup
2011-11-06 18:40:29,031 INFO Processing service AvgRkx64, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avg9emc, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avgfws9, it can take several minutes...
2011-11-06 18:40:29,031 DEBUG Service avgfws8 RegCleanup
2011-11-06 18:40:29,031 INFO Processing service AVGIDSAgent, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSFilterxpx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avgfws, it can take several minutes...
2011-11-06 18:40:29,031 DEBUG Service avg8wd RegCleanup
2011-11-06 18:40:29,031 INFO Processing service AVGIDSShimxpx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service AvgMfx86 is not installed
2011-11-06 18:40:29,031 INFO Processing service AVGIDSDriverxpx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSFiltervtx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSShimvtx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSFiltervta, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service AvgWFPx is not installed
2011-11-06 18:40:29,031 INFO Processing service AVGIDSDrivervtx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSFilterw7x, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service AvgLdx86 is not installed
2011-11-06 18:40:29,031 INFO Processing service AVGIDSDrivervta, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service AvgTdiX is not installed
2011-11-06 18:40:29,031 INFO Processing service AVGIDSFilterw7a, it can take several minutes...
2011-11-06 18:40:29,031 INFO Service avg9wd is not installed
2011-11-06 18:40:29,031 INFO Service AvgRkx86 is not installed
2011-11-06 18:40:29,031 DEBUG Registry keys for service avg8emc are not present
2011-11-06 18:40:29,031 DEBUG Registry keys for service avgfws8 are not present
2011-11-06 18:40:29,031 INFO Service AvgLdx64 is not installed
2011-11-06 18:40:29,031 INFO Service AvgMfx64 is not installed
2011-11-06 18:40:29,031 DEBUG Registry keys for service avg8wd are not present
2011-11-06 18:40:29,031 INFO Service AvgRkx64 is not installed
2011-11-06 18:40:29,031 INFO Service avgfws9 is not installed
2011-11-06 18:40:29,031 INFO Service avg9emc is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSFilterxpx is not installed
2011-11-06 18:40:29,031 DEBUG Service AvgWFPa RegCleanup
2011-11-06 18:40:29,031 INFO Service avgfws is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSShimxpx is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSAgent is not installed
2011-11-06 18:40:29,031 INFO Service AvgTdiA is not installed
2011-11-06 18:40:29,031 INFO Processing service AVGIDSShimw7x, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSDriverw7x, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSErHrxpx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AvgAdminServer, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSErHrw7a, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSErHrvta, it can take several minutes...
2011-11-06 18:40:29,031 DEBUG Service AvgMfx86 RegCleanup
2011-11-06 18:40:29,031 INFO Processing service AVGIDSDriverw7a, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSErHrvtx, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service AVGIDSErHrw7x, it can take several minutes...
2011-11-06 18:40:29,031 INFO Processing service avgwd, it can take several minutes...
2011-11-06 18:40:29,031 DEBUG Service AvgWFPx RegCleanup
2011-11-06 18:40:29,031 INFO Service AVGIDSFiltervtx is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSDriverxpx is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSShimvtx is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSFiltervta is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSDrivervtx is not installed
2011-11-06 18:40:29,031 DEBUG Service AvgLdx86 RegCleanup
2011-11-06 18:40:29,031 INFO Service AVGIDSFilterw7x is not installed
2011-11-06 18:40:29,031 INFO Service AVGIDSDrivervta is not installed
2011-11-06 18:40:29,031 DEBUG Service avg9wd RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AvgRkx86 RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AvgTdiX RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AvgLdx64 RegCleanup
2011-11-06 18:40:29,031 INFO Service AVGIDSFilterw7a is not installed
2011-11-06 18:40:29,031 DEBUG Service AvgMfx64 RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AvgRkx64 RegCleanup
2011-11-06 18:40:29,031 DEBUG Service avgfws9 RegCleanup
2011-11-06 18:40:29,031 DEBUG Service avg9emc RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AVGIDSFilterxpx RegCleanup
2011-11-06 18:40:29,031 DEBUG Registry keys for service AvgWFPa are not present
2011-11-06 18:40:29,031 DEBUG Service avgfws RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AVGIDSShimxpx RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AVGIDSAgent RegCleanup
2011-11-06 18:40:29,031 DEBUG Service AvgTdiA RegCleanup
2011-11-06 18:40:29,046 INFO Service AVGIDSDriverw7x is not installed
2011-11-06 18:40:29,046 INFO Service AVGIDSErHrxpx is not installed
2011-11-06 18:40:29,046 INFO Service AVGIDSShimw7x is not installed
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgMfx86 are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgWFPx are not present
2011-11-06 18:40:29,046 INFO Service AVGIDSErHrvta is not installed
2011-11-06 18:40:29,046 INFO Service AVGIDSErHrvtx is not installed
2011-11-06 18:40:29,046 INFO Service AVGIDSDriverw7a is not installed
2011-11-06 18:40:29,046 DEBUG Service AVGIDSFiltervtx RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSDriverxpx RegCleanup
2011-11-06 18:40:29,046 INFO Service AVGIDSErHrw7a is not installed
2011-11-06 18:40:29,046 DEBUG Service AVGIDSShimvtx RegCleanup
2011-11-06 18:40:29,046 INFO Service avgwd is not installed
2011-11-06 18:40:29,046 INFO Service AVGIDSErHrw7x is not installed
2011-11-06 18:40:29,046 INFO Service AvgAdminServer is not installed
2011-11-06 18:40:29,046 DEBUG Service AVGIDSFiltervta RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSDrivervtx RegCleanup
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgLdx86 are not present
2011-11-06 18:40:29,046 DEBUG Service AVGIDSFilterw7x RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSDrivervta RegCleanup
2011-11-06 18:40:29,046 DEBUG Registry keys for service avg9wd are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgTdiX are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgLdx64 are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgRkx86 are not present
2011-11-06 18:40:29,046 DEBUG Service AVGIDSFilterw7a RegCleanup
2011-11-06 18:40:29,046 DEBUG Registry keys for service avgfws9 are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service avg9emc are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service avgfws are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AVGIDSShimxpx are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AVGIDSAgent are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgMfx64 are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgTdiA are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AvgRkx64 are not present
2011-11-06 18:40:29,046 DEBUG Service AVGIDSDriverw7x RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSErHrxpx RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSShimw7x RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSErHrvta RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSErHrvtx RegCleanup
2011-11-06 18:40:29,046 DEBUG Service AVGIDSDriverw7a RegCleanup
2011-11-06 18:40:29,046 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2011-11-06 18:40:29,046 DEBUG Service AVGIDSErHrw7a RegCleanup
2011-11-06 18:40:29,046 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2011-11-06 18:40:29,046 DEBUG Registry keys for service AVGIDSShimvtx are not present
2011-11-06 18:40:29,046 DEBUG Service avgwd RegCleanup
2011-11-06 18:40:29,062 DEBUG Service AVGIDSErHrw7x RegCleanup
2011-11-06 18:40:29,062 DEBUG Service AvgAdminServer RegCleanup
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSDrivervta are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSShimw7x are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSErHrvta are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service avgwd are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AvgAdminServer are not present
2011-11-06 18:40:29,062 DEBUG Registry keys for service AVGIDSFiltervta are not present
2011-11-06 18:40:29,062 INFO ***** Avg Fw NDIS driver(separate process) *****
2011-11-06 18:40:29,062 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-11-06 18:40:29,062 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-11-06 18:40:29,062 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-11-06 18:40:29,062 INFO Command line: "E:\Documents and Settings\Dad\Desktop\Tools\avg_remover_stf_x86_2011_1184.exe" /ndisonly /skipask
2011-11-06 18:40:29,062 WARN AvgDir param empty.
2011-11-06 18:40:29,062 WARN AvgAdminDir param empty.
2011-11-06 18:40:29,062 WARN AvgDataDir param empty.
2011-11-06 18:40:29,062 INFO AvgRemover runs in attempt number 1
2011-11-06 18:40:29,062 INFO ***** Avg Fw NDIS driver *****
2011-11-06 18:40:29,062 INFO ...this operation can take several minutes...
2011-11-06 18:40:29,062 INFO FW removing policy
2011-11-06 18:40:29,593 INFO FW NDIS driver not present
2011-11-06 18:40:29,609 DEBUG Remove NDIS driver pass, next uninstalation step is 10, old was 1
2011-11-06 18:40:29,609 INFO ***** end of Fw NDIS separated process *****
2011-11-06 18:40:29,609 INFO ***** Drivers *****
2011-11-06 18:40:29,609 INFO ***** Running AVG process *****
2011-11-06 18:40:30,218 INFO ***** Registry keys and values *****
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2011-11-06 18:40:30,218 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2011-11-06 18:40:30,218 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2011-11-06 18:40:30,218 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2011-11-06 18:40:30,218 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-11-06 18:40:30,218 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2011-11-06 18:40:30,218 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-11-06 18:40:30,218 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2011-11-06 18:40:30,218 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2011-11-06 18:40:30,218 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2011-11-06 18:40:30,218 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\.avgdi
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-11-06 18:40:30,234 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-11-06 18:40:30,234 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2011-11-06 18:40:30,250 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-11-06 18:40:30,250 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2011-11-06 18:40:30,250 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-11-06 18:40:30,250 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2011-11-06 18:40:30,250 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2011-11-06 18:40:30,250 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2011-11-06 18:40:30,265 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2011-11-06 18:40:30,265 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2011-11-06 18:40:30,265 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\Control\GroupOrderList
2011-11-06 18:40:30,265 DEBUG Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG Remove
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\Avg
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\Avg ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\Avg not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\Avgfwfd
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\AVG Security Toolbar Service
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\Avgfws
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\Avgfws ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\Avgfws not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSAgent
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSDriver
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSEH
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSFilter
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgldx64
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgldx86
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx64
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx86
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx64
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx86
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgtdia
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgtdia ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgtdia not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgtdix
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgtdix ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgtdix not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgwd
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgwd ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgwd not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgfwdx
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet001\services\avgfwda
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgfwda ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet001\services\avgfwda not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2011-11-06 18:40:30,265 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2011-11-06 18:40:30,265 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2011-11-06 18:40:30,281 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2011-11-06 18:40:30,281 INFO Processing registry SYSTEM\ControlSet002\services\avgfwdx
2011-11-06 18:40:30,281 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx ForceRemove
2011-11-06 18:40:30,281 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx not found
2011-11-06 18:40:30,281 INFO Processing registry SYSTEM\ControlSet002\services\avgfwda
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgfwda ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgfwda not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2011-11-06 18:40:30,296 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 failed (error e0010058)
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 not found
2011-11-06 18:40:30,296 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86
2011-11-06 18:40:30,296 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2011-11-06 18:40:30,296 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 failed (error e0010058)
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX ForceRemove
2011-11-06 18:40:30,312 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX failed (error e0010058)
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2011-11-06 18:40:30,312 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX failed (error e0010058)
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2011-11-06 18:40:30,312 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX failed (error e0010058)
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2011-11-06 18:40:30,312 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX failed (error e0010058)
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2011-11-06 18:40:30,312 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 failed (error e0010058)
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2011-11-06 18:40:30,312 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 not found
2011-11-06 18:40:30,312 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2011-11-06 18:40:30,328 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 failed (error e0010058)
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX ForceRemove
2011-11-06 18:40:30,328 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX failed (error e0010058)
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2011-11-06 18:40:30,328 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX failed (error e0010058)
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2011-11-06 18:40:30,328 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX failed (error e0010058)
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2011-11-06 18:40:30,328 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX failed (error e0010058)
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2011-11-06 18:40:30,328 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 not found
2011-11-06 18:40:30,328 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2011-11-06 18:40:30,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\Clients
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\Clients not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG8
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG9
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG10
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG10
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG IDS
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG IDS
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG
2011-11-06 18:40:30,343 DEBUG Value SOFTWARE\AVG:DumpType Remove
2011-11-06 18:40:30,343 INFO Value SOFTWARE\AVG:DumpType is not present
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AvgAdmin10
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AvgAdmin10 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AvgAdmin10 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AvgAdmin10
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AvgAdmin10 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AvgAdmin10 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG ForceRemove
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG8
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG9
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG10
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG\AVG10
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG
2011-11-06 18:40:30,343 DEBUG Key SOFTWARE\AVG ForceRemove
2011-11-06 18:40:30,343 INFO Processing registry SOFTWARE\AVG


==============================================================================================================


11/06/2011 13:49
Scan of all local drives

Number of searched folders: 13053
Number of tested files: 575133
Number of infected files: 7

#4
Derobmai41
Here are the OTL logs at the end of everything... forgot to post it with previous post.


OTL logfile created on: 11/6/2011 3:06:55 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = E:\Documents and Settings\Dad\Desktop\Tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 63.89% Memory free
3.72 Gb Paging File | 3.22 Gb Available in Paging File | 86.45% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 51.39 Gb Total Space | 19.43 Gb Free Space | 37.81% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 6.73 Gb Free Space | 6.89% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/05 16:59:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Dad\Desktop\Tools\OTL.exe
PRC - [2011/10/08 09:11:54 | 000,924,632 | ---- | M] (Mozilla Corporation) -- E:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 16:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- E:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- E:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/06 04:54:37 | 001,608,192 | ---- | M] () -- E:\Program Files\AVAST Software\Avast\defs\11110601\algo.dll
MOD - [2011/11/03 12:42:38 | 000,239,432 | ---- | M] () -- E:\Program Files\AVAST Software\Avast\defs\11110601\aswRep.dll
MOD - [2011/10/08 09:11:54 | 001,833,944 | ---- | M] () -- E:\Program Files\Mozilla Firefox\mozjs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - File not found [Disabled | Stopped] -- -- (Roxio UPnP Renderer 11)
SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/09/13 12:02:00 | 000,039,408 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/07/16 05:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- E:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 05:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- E:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2009/10/16 17:39:28 | 000,431,456 | ---- | M] (Seagate) [Disabled | Stopped] -- E:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/06/02 18:05:58 | 000,457,200 | ---- | M] () [Disabled | Stopped] -- E:\Program Files\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- E:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- E:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- E:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Disabled | Stopped] -- E:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- E:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- E:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- E:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/17 16:56:13 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/10/22 13:42:13 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/10/22 13:42:13 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/10/22 13:41:58 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/10/22 13:41:46 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2010/08/30 17:08:36 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2009/10/20 02:00:00 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- E:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2009/10/20 02:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2009/06/02 00:00:00 | 000,025,584 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\SaibVd32.sys -- (SaibVd32)
DRV - [2009/06/02 00:00:00 | 000,021,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\SahdIa32.sys -- (SahdIa32)
DRV - [2009/06/02 00:00:00 | 000,015,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\SaibIa32.sys -- (SaibIa32)
DRV - [2008/09/07 22:05:10 | 000,874,240 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008/07/31 22:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/31 22:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/02/14 01:12:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2007/08/30 07:00:00 | 000,244,608 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\c2scsi.sys -- (c2scsi)
DRV - [2007/04/09 09:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 09:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 09:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/07/28 07:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004/08/12 03:00:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/24 13:02:58 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/09/24 13:02:58 | 000,146,560 | ---- | M] (Roxio) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2003/09/24 13:02:56 | 000,260,224 | ---- | M] (Roxio) [File_System | System | Running] -- E:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/09/24 13:02:56 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- E:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/09/24 13:02:56 | 000,022,777 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- E:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/09/24 13:02:56 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E2 53 8B 73 BD 99 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B9 03 11 02 70 94 8B 45 9D 57 66 C8 7A 28 F3 29 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: E:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: E:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: E:\Documents and Settings\Dad\Application Data\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: E:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2EB67873-6E82-4E77-93A0-14AD44ED788A}: E:\Documents and Settings\Dad\Local Settings\Application Data\{2EB67873-6E82-4E77-93A0-14AD44ED788A}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: E:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/06 13:42:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2011/10/08 09:11:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2011/04/08 17:12:35 | 000,000,000 | ---D | M]

[2009/04/07 19:12:03 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Extensions
[2009/04/07 19:12:03 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Extensions\[email protected]
[2011/10/12 16:02:17 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions
[2010/10/23 18:23:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/05/27 15:31:35 | 000,004,207 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\aim-search.xml
[2011/07/20 14:16:32 | 000,002,568 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\askcom.xml
[2010/01/16 11:57:30 | 000,002,163 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\bing.xml
[2011/07/17 13:45:06 | 000,002,497 | ---- | M] () -- E:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles\jeypk6s1.default\searchplugins\SearchResults.xml
[2011/08/18 10:25:36 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
() (No name found) -- E:\DOCUMENTS AND SETTINGS\DAD\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\JEYPK6S1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/11/06 13:42:15 | 000,000,000 | ---D | M] (avast! WebRep) -- E:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/10/08 09:11:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- E:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/10/08 09:11:53 | 000,002,252 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\bing.xml
[2007/07/26 11:05:16 | 000,001,329 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011/07/17 13:45:06 | 000,002,497 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

========== Chrome ==========


O1 HOSTS File: ([2011/11/06 12:50:12 | 000,000,027 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] E:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] E:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1238811694703 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.co...?BundleId=29223 (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.2 167.206.254.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86FA2118-250F-4947-AB4E-34FEA40296C5}: DhcpNameServer = 167.206.254.2 167.206.254.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\WINDOWS\system32\userinit.exe) -E:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: E:\Documents and Settings\Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Dad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - E:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - E:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/03 20:19:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/06 13:42:29 | 000,320,856 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/06 13:42:29 | 000,020,568 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/06 13:42:29 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/11/06 13:42:27 | 000,034,392 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/06 13:42:26 | 000,442,200 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/06 13:42:26 | 000,052,568 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/06 13:42:25 | 000,110,552 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/06 13:42:25 | 000,104,536 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/06 13:42:24 | 000,030,808 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/06 13:42:13 | 000,199,304 | ---- | C] (AVAST Software) -- E:\WINDOWS\System32\aswBoot.exe
[2011/11/06 13:42:13 | 000,041,184 | ---- | C] (AVAST Software) -- E:\WINDOWS\avastSS.scr
[2011/11/06 13:42:06 | 000,000,000 | ---D | C] -- E:\Program Files\AVAST Software
[2011/11/06 13:42:06 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/11/06 12:54:21 | 000,000,000 | ---D | C] -- E:\WINDOWS\temp
[2011/11/06 12:34:20 | 000,518,144 | ---- | C] (SteelWerX) -- E:\WINDOWS\SWREG.exe
[2011/11/06 12:34:20 | 000,406,528 | ---- | C] (SteelWerX) -- E:\WINDOWS\SWSC.exe
[2011/11/06 12:34:20 | 000,212,480 | ---- | C] (SteelWerX) -- E:\WINDOWS\SWXCACLS.exe
[2011/11/06 12:34:20 | 000,060,416 | ---- | C] (NirSoft) -- E:\WINDOWS\NIRCMD.exe
[2011/11/06 12:34:15 | 000,000,000 | ---D | C] -- E:\WINDOWS\ERDNT
[2011/11/06 12:34:12 | 000,000,000 | ---D | C] -- E:\Qoobox
[2011/11/06 12:31:33 | 001,916,416 | ---- | C] (AVAST Software) -- E:\Documents and Settings\Dad\Desktop\aswMBR.exe
[2011/11/06 12:28:44 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/06 12:28:40 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2011/11/06 12:22:29 | 000,000,000 | ---D | C] -- E:\_OTL
[2011/11/06 12:17:34 | 004,285,061 | R--- | C] (Swearware) -- E:\Documents and Settings\Dad\Desktop\ComboFix.exe
[2011/11/02 21:29:56 | 000,000,000 | RH-D | C] -- E:\Documents and Settings\Dad\Recent

========== Files - Modified Within 30 Days ==========

[2011/11/06 14:49:59 | 000,000,330 | -H-- | M] () -- E:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/06 14:47:36 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2011/11/06 14:47:17 | 008,405,015 | ---- | M] () -- E:\WINDOWS\TempFile
[2011/11/06 14:47:00 | 000,194,318 | ---- | M] () -- E:\WINDOWS\System32\nvapps.xml
[2011/11/06 14:46:55 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2011/11/06 13:42:29 | 000,001,689 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/11/06 13:42:25 | 000,002,669 | ---- | M] () -- E:\WINDOWS\System32\CONFIG.NT
[2011/11/06 12:50:12 | 000,000,027 | ---- | M] () -- E:\WINDOWS\System32\drivers\etc\hosts
[2011/11/06 12:31:42 | 001,916,416 | ---- | M] (AVAST Software) -- E:\Documents and Settings\Dad\Desktop\aswMBR.exe
[2011/11/06 12:17:37 | 004,285,061 | R--- | M] (Swearware) -- E:\Documents and Settings\Dad\Desktop\ComboFix.exe
[2011/11/06 06:45:22 | 000,527,058 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2011/11/06 06:45:22 | 000,096,406 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2011/11/02 21:24:57 | 000,183,808 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/02 20:56:16 | 000,009,851 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\2189001j.htm
[2011/11/02 20:54:45 | 000,010,271 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\2189001a.htm
[2011/11/02 20:54:10 | 000,010,272 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\2189001.htm
[2011/11/02 19:56:44 | 000,209,350 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Good Carbs List of Carbohydrates in Food.mht
[2011/11/02 19:55:49 | 000,251,796 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Refined Bad Carb Sweet Sugar Death.mht
[2011/11/02 19:52:38 | 000,296,966 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Complex Carbohydrates List of Healthy Carbs.mht
[2011/11/02 19:48:16 | 000,400,010 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Foods That Lower Blood Sugar eHow_com.mht
[2011/10/30 14:49:12 | 000,242,624 | ---- | M] () -- E:\Documents and Settings\Dad\My Documents\Seasonal-Buying.pdf
[2011/10/23 12:35:38 | 000,000,064 | ---- | M] () -- E:\WINDOWS\System32\rp_stats.dat
[2011/10/23 12:35:38 | 000,000,044 | ---- | M] () -- E:\WINDOWS\System32\rp_rules.dat
[2011/10/22 14:29:07 | 000,000,284 | ---- | M] () -- E:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/14 15:46:45 | 000,233,301 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\census.cache
[2011/10/14 15:46:32 | 000,236,732 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\ars.cache
[2011/10/14 15:41:14 | 000,000,036 | ---- | M] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\housecall.guid.cache
[2011/10/13 17:38:13 | 000,317,952 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/13 17:30:45 | 000,001,393 | ---- | M] () -- E:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2011/11/06 13:42:29 | 000,001,689 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/11/06 12:34:20 | 000,256,000 | ---- | C] () -- E:\WINDOWS\PEV.exe
[2011/11/06 12:34:20 | 000,208,896 | ---- | C] () -- E:\WINDOWS\MBR.exe
[2011/11/06 12:34:20 | 000,098,816 | ---- | C] () -- E:\WINDOWS\sed.exe
[2011/11/06 12:34:20 | 000,080,412 | ---- | C] () -- E:\WINDOWS\grep.exe
[2011/11/06 12:34:20 | 000,068,096 | ---- | C] () -- E:\WINDOWS\zip.exe
[2011/11/06 12:18:36 | 000,000,330 | -H-- | C] () -- E:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/02 20:56:15 | 000,009,851 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\2189001j.htm
[2011/11/02 20:54:45 | 000,010,271 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\2189001a.htm
[2011/11/02 20:54:07 | 000,010,272 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\2189001.htm
[2011/11/02 19:56:44 | 000,209,350 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Good Carbs List of Carbohydrates in Food.mht
[2011/11/02 19:55:48 | 000,251,796 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Refined Bad Carb Sweet Sugar Death.mht
[2011/11/02 19:52:38 | 000,296,966 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Complex Carbohydrates List of Healthy Carbs.mht
[2011/11/02 19:48:15 | 000,400,010 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Foods That Lower Blood Sugar eHow_com.mht
[2011/10/30 14:49:12 | 000,242,624 | ---- | C] () -- E:\Documents and Settings\Dad\My Documents\Seasonal-Buying.pdf
[2011/10/23 12:35:38 | 000,000,064 | ---- | C] () -- E:\WINDOWS\System32\rp_stats.dat
[2011/10/23 12:35:38 | 000,000,044 | ---- | C] () -- E:\WINDOWS\System32\rp_rules.dat
[2011/10/14 15:46:45 | 000,233,301 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\census.cache
[2011/10/14 15:46:32 | 000,236,732 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\ars.cache
[2011/10/14 15:41:14 | 000,000,036 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\housecall.guid.cache
[2011/03/27 10:37:56 | 000,000,253 | ---- | C] () -- E:\WINDOWS\WININIT.INI
[2011/03/23 18:54:38 | 000,000,350 | ---- | C] () -- E:\WINDOWS\SIERRA.INI
[2010/12/17 13:49:18 | 000,000,004 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\B0282C
[2010/12/17 13:49:17 | 000,870,128 | ---- | C] () -- E:\Documents and Settings\Dad\Application Data\mcs.rma
[2010/11/21 15:32:28 | 000,000,600 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\PUTTY.RND
[2010/09/27 18:36:40 | 000,002,672 | ---- | C] () -- E:\WINDOWS\System32\KGyGaAvL.sys
[2010/09/27 18:36:40 | 000,000,008 | ---- | C] () -- E:\WINDOWS\System32\13142D8800.sys
[2010/09/20 15:11:16 | 000,000,162 | ---- | C] () -- E:\WINDOWS\kodakpcd.Dad.ini
[2010/09/03 19:26:05 | 000,688,328 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/30 17:08:36 | 000,000,383 | ---- | C] () -- E:\WINDOWS\System32\haspdos.sys
[2010/02/26 21:17:11 | 000,001,324 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat
[2010/01/02 09:29:42 | 000,004,216 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\rx_audio.Cache
[2009/12/20 11:50:06 | 000,067,628 | ---- | C] () -- E:\WINDOWS\System32\mlfcache.dat
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- E:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- E:\WINDOWS\System32\OGAEXEC.exe
[2009/07/12 05:59:03 | 000,000,029 | ---- | C] () -- E:\WINDOWS\Epsonpl.ini
[2009/07/01 19:49:53 | 000,000,196 | ---- | C] () -- E:\WINDOWS\_delis32.ini
[2009/07/01 19:49:31 | 000,100,864 | ---- | C] () -- E:\WINDOWS\System32\Dc50ip32.dll
[2009/07/01 19:49:31 | 000,065,864 | ---- | C] () -- E:\WINDOWS\System32\Digita.sys
[2009/07/01 19:49:31 | 000,007,808 | ---- | C] () -- E:\WINDOWS\System32\dc240u.sys
[2009/07/01 19:49:31 | 000,006,144 | ---- | C] () -- E:\WINDOWS\System32\ImgLibLead.dll
[2009/07/01 19:49:25 | 000,210,944 | ---- | C] () -- E:\WINDOWS\System32\MSVCRT10.DLL
[2009/07/01 19:49:25 | 000,048,640 | ---- | C] () -- E:\WINDOWS\catalogSubInstaller.exe
[2009/06/23 09:50:10 | 000,204,884 | ---- | C] () -- E:\WINDOWS\System32\spxusb.dll
[2009/06/23 09:45:58 | 000,438,272 | ---- | C] () -- E:\WINDOWS\System32\STLibWrapper.dll
[2009/06/23 09:45:58 | 000,055,808 | ---- | C] () -- E:\WINDOWS\System32\zlib1.dll
[2009/06/23 09:45:54 | 000,748,160 | ---- | C] () -- E:\WINDOWS\System32\co2c40en.dll
[2009/05/27 15:28:39 | 000,000,021 | ---- | C] () -- E:\WINDOWS\atid.ini
[2009/05/01 18:52:07 | 000,000,144 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\rx_image32.Cache
[2009/04/09 19:03:51 | 000,061,440 | ---- | C] () -- E:\WINDOWS\System32\wintab32.dll
[2009/04/08 19:21:53 | 000,000,042 | ---- | C] () -- E:\WINDOWS\creator.INI
[2009/04/06 18:16:35 | 000,183,808 | ---- | C] () -- E:\Documents and Settings\Dad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/03 21:30:10 | 000,000,000 | ---- | C] () -- E:\WINDOWS\nsreg.dat
[2009/04/03 20:39:09 | 000,004,984 | ---- | C] () -- E:\WINDOWS\System32\drivers\nvphy.bin
[2009/04/03 20:38:36 | 000,005,810 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASACPI.sys
[2009/04/03 20:38:27 | 000,025,020 | ---- | C] () -- E:\WINDOWS\Ascd_tmp.ini
[2009/04/03 20:38:26 | 000,010,296 | ---- | C] () -- E:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/04/03 20:20:57 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2009/04/03 20:16:59 | 000,021,640 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat
[2009/03/30 14:53:03 | 000,004,161 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2009/03/30 14:50:22 | 000,317,952 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2008/08/01 01:48:00 | 001,724,416 | ---- | C] () -- E:\WINDOWS\System32\nvwdmcpl.dll
[2008/08/01 01:48:00 | 001,657,376 | ---- | C] () -- E:\WINDOWS\System32\nwiz.exe
[2008/08/01 01:48:00 | 001,503,232 | ---- | C] () -- E:\WINDOWS\System32\nview.dll
[2008/08/01 01:48:00 | 001,346,080 | ---- | C] () -- E:\WINDOWS\System32\nvdspsch.exe
[2008/08/01 01:48:00 | 001,101,824 | ---- | C] () -- E:\WINDOWS\System32\nvwimg.dll
[2008/08/01 01:48:00 | 000,466,944 | ---- | C] () -- E:\WINDOWS\System32\nvshell.dll
[2008/08/01 01:48:00 | 000,449,056 | ---- | C] () -- E:\WINDOWS\System32\nvappbar.exe
[2008/08/01 01:48:00 | 000,436,768 | ---- | C] () -- E:\WINDOWS\System32\keystone.exe
[2008/08/01 01:48:00 | 000,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- E:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- E:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- E:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- E:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- E:\WINDOWS\System32\gthrctr.ini
[2006/11/02 19:40:12 | 000,174,656 | ---- | C] () -- E:\WINDOWS\System32\PSIService.exe
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- E:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- E:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,527,058 | ---- | C] () -- E:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- E:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- E:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,096,406 | ---- | C] () -- E:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- E:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- E:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- E:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,463 | ---- | C] () -- E:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- E:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- E:\WINDOWS\System32\noise.dat
[2004/01/30 14:07:46 | 000,245,408 | ---- | C] () -- E:\WINDOWS\System32\unicows.dll
[2000/10/25 16:15:00 | 000,017,920 | ---- | C] () -- E:\WINDOWS\System32\Implode.dll
[1999/03/11 23:00:00 | 000,299,008 | ---- | C] () -- E:\WINDOWS\System32\Crutl14.dll

< End of report >


===================================================================================================


OTL Extras logfile created on: 11/6/2011 3:06:55 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = E:\Documents and Settings\Dad\Desktop\Tools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 63.89% Memory free
3.72 Gb Paging File | 3.22 Gb Available in Paging File | 86.45% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 51.39 Gb Total Space | 19.43 Gb Free Space | 37.81% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 6.73 Gb Free Space | 6.89% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Dad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- E:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- E:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- E:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- E:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- E:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- E:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- E:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- E:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- E:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- E:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- E:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- E:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- E:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- E:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- E:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "E:\PROGRA~1\MICROS~2\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "E:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "E:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "E:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "E:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "E:\WINDOWS\system32\rundll32.exe" "E:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "E:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\SETUP.EXE" = D:\SETUP.EXE:*:Enabled:Roxio Streamer Discovery Service
"E:\Program Files\iMesh Applications\iMesh\iMesh.exe" = E:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\Program Files\AIM\aim.exe" = E:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"E:\Program Files\Common Files\AOL\Loader\aolload.exe" = E:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"E:\Program Files\uTorrent\uTorrent.exe" = E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Program Files\Mozilla Firefox\firefox.exe" = E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"E:\Program Files\AIM7\aim.exe" = E:\Program Files\AIM7\aim.exe:*:Enabled:AIM -- (AOL LLC)
"E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"E:\Program Files\FrostWire\FrostWire.exe" = E:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"E:\Program Files\VideoLAN\VLC\vlc.exe" = E:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{12665B01-3F3A-4433-B179-9D8E352D7547}" = Try Corel Snapfire muvee autoProducer add on
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1956e9f5-6f4b-4fc3-b6f4-5869d06d95e9}" = Actron Scanning Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}" = Roxio Creator 2011 Pro
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4C23837C-993E-11D4-9DE0-0060085C158A}" = KODAK Picture CD
"{644F9DBE-CEDB-45AF-ACB8-E26692B74F62}" = Easy CD & DVD Creator 6
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{73090A5A-E0C0-4E0B-A320-E183877061A5}" = ALLDATA for Windows
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2011 Pro
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{900792CC-3203-356C-EC2D-C3E558991ACE}" = Home Designer Suite 8
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications ® Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications ® Core - English
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}" = Roxio Creator 2011 Pro
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F717571-FEE8-45CD-8B03-5B2D06AD28F7}" = Roxio Creator 2011 Content
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A9024A22-FB0E-4DDC-AB93-44D686F7F491}" = Roxio CinePlayer
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BB562D40-13F5-11D5-B7C5-00105A645748}" = EPSON Copy Utility
"{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE
"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E0150C73-3138-4FD2-B038-7F2637C9B5C7}" = CVS Photo Editor Plus
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack
"2FE89524DCB9993BBE35C3B1F50969BE84CDC26C" = Windows Driver Package - SPX Service Solutions, Inc (spxusb) Ports (13/04/2009 1.03)
"45C76934E7F547DB6EAFC059D897430F43112A87" = Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
"726385ED6E9BD02F0F3E4611AEEAD174ADDDC0F2" = Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PhotoDeluxe Home Edition 4.0" = Adobe PhotoDeluxe Home Edition 4.0
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"avast" = avast! Free Antivirus
"EF0DC109140519CEDBEF47D748890F9061EDC199" = Windows Driver Package - SPX Service Solutions, Inc (usbser) Ports (10/02/06 )
"EFTD" = Easy Family Tree Deluxe®
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Digital PhotoLab" = EPSON Digital PhotoLab
"FrostWire" = FrostWire 4.21.8
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"Print3D for progeCAD_is1" = Print3D for progeCAD
"progeCAD 2009 Pro ENG" = progeCAD 2009 Pro ENG
"Roxio PhotoShow" = Roxio PhotoShow
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"uTorrent" = µTorrent
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.10
"VueScan" = VueScan
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/12/2011 10:03:34 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/12/2011 10:03:38 PM | Computer Name = HOME | Source = Application Hang | ID = 1001
Description = Fault bucket 736169863.

Error - 10/12/2011 10:05:16 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/12/2011 10:06:20 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/12/2011 10:07:07 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/13/2011 6:40:16 PM | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 10/14/2011 4:33:07 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/19/2011 7:51:30 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/19/2011 7:51:34 PM | Computer Name = HOME | Source = Application Hang | ID = 1001
Description = Fault bucket 736169863.

Error - 10/20/2011 4:34:53 PM | Computer Name = HOME | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 7.0.1.4288, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 11/6/2011 1:34:19 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%5

Error - 11/6/2011 1:40:21 PM | Computer Name = HOME | Source = SRService | ID = 104
Description = The System Restore initialization process failed.

Error - 11/6/2011 1:40:24 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 11/6/2011 1:40:24 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%5

Error - 11/6/2011 1:40:24 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 11/6/2011 1:50:33 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 11/6/2011 1:50:33 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 11/6/2011 2:07:15 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).

Error - 11/6/2011 3:47:35 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 11/6/2011 3:47:35 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126


< End of report >
  • 0
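Added example (not part of the original thread and not OTL's own code): the "[ System Events ]" block of the OTL Extras log above leaves Win32 error codes unexpanded as %%5, %%2 and %%126. The sketch below parses that block format, groups Service Control Manager failures by service, and expands the codes to their standard Windows messages; the function names and record layout are assumptions made for this example.

```python
import re
from collections import Counter

# Standard Windows system error strings for the %%N codes seen in the log.
WIN32_ERRORS = {
    2: "The system cannot find the file specified.",
    5: "Access is denied.",
    126: "The specified module could not be found.",
}

# Excerpt of the "[ System Events ]" block from the OTL Extras log in this thread.
SAMPLE = """\
[ System Events ]
Error - 11/6/2011 1:34:19 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%5

Error - 11/6/2011 1:40:21 PM | Computer Name = HOME | Source = SRService | ID = 104
Description = The System Restore initialization process failed.

Error - 11/6/2011 1:40:24 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2

Error - 11/6/2011 1:40:24 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7023
Description = The Automatic Updates service terminated with the following error:
%%126

Error - 11/6/2011 1:50:33 PM | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = The MCSTRM service failed to start due to the following error: %%2
"""

HEADER = re.compile(
    r"^(?P<level>Error|Warning) - (?P<when>.+?) \| Computer Name = (?P<host>.+?)"
    r" \| Source = (?P<source>.+?) \| ID = (?P<id>\d+)$"
)
SERVICE = re.compile(r"The (?P<name>.+?) service (?:terminated|failed to start)")
CODE = re.compile(r"%%(\d+)")


def parse_events(text):
    """Turn OTL event-log text into a list of dicts, one per event."""
    events, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or (line.startswith("[") and line.endswith("]")):
            current = None  # blank line or section header ends the event
            continue
        m = HEADER.match(line)
        if m:
            current = {**m.groupdict(), "id": int(m["id"]), "description": ""}
            events.append(current)
        elif current is not None:
            # OTL wraps long descriptions over several lines; rejoin them.
            if line.startswith("Description = "):
                line = line[len("Description = "):]
            current["description"] = (current["description"] + " " + line).strip()
    return events


def triage(events):
    """Group service failures by (service, Win32 code), most frequent first."""
    counts = Counter()
    for ev in events:
        svc = SERVICE.search(ev["description"])
        if not svc:
            continue  # not a service start/terminate failure
        code = CODE.search(ev["description"])
        counts[(svc["name"], int(code[1]) if code else None)] += 1
    return [
        {
            "service": service,
            "code": code,
            "count": n,
            "meaning": WIN32_ERRORS.get(code, "no %%N code or code not in table"),
        }
        for (service, code), n in counts.most_common()
    ]


if __name__ == "__main__":
    for f in triage(parse_events(SAMPLE)):
        print(f"{f['count']}x {f['service']}: {f['code']} = {f['meaning']}")
```

The expansions for codes 2 and 126 are the same messages that Vino's Event Viewer prints for the MCSTRM and Automatic Updates errors later in the thread.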

#5
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Uninstall:
Java™ 6 Update 13 (obsolete; get the latest version from java.com)
FrostWire 4.21.8 (P2P dangerous virus delivery system)
µTorrent (P2P)
"Yahoo! Companion" = Yahoo! Toolbar (Foistware)
"Yahoo! Search Defender" = Yahoo! Search Protection (Foistware)
"Yahoo! Software Update" = Yahoo! Software Update (Foistware)
Adobe Acrobat 4.0 (obsolete; get the latest version from adobe.com)

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
   http://images.malwar...om/vino/VEW.exe
   and save it to your Desktop.
2. Double-click VEW.exe
3. Under 'Select log to query', select:
   * System
4. Under 'Select type to list', select:
   * Error
   * Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
   Type 20 in the 1 to 20 box
   Then click the Run button.
   Notepad will open with the output log.

Please post the Output log in your next reply, then repeat but select Application.

Ron
  • 0

#6
Derobmai41

    Member

  • Topic Starter
  • Member
  • 51 posts
Yeah, about FrostWire. I constantly uninstall it, but my sisters keep on installing it even after I tell them not to. Is there a way I can block FrostWire? Thank you.

Here are the logs.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 06/11/2011 5:01:53 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/11/2011 4:59:52 PM
Type: error Category: 0
Event: 7023 Source: Service Control Manager
The Automatic Updates service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 06/11/2011 4:59:52 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The MCSTRM service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vino's Event Viewer v01c run on Windows XP in English
Report run at 06/11/2011 5:02:29 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#7
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Download Dial-a-fix from http://djlizard.net....v0.60.0.24.zip. Save it to your desktop, then right click on it and Extract All. Run the file called Dial-a-fix.exe

In the section where it says WU/WUAU check "Fix Windows Update:"

Then hit the GO button at the bottom.

Start, All Programs, Accessories, Command Prompt. Type with an enter after each line:
net start wuauserv > \junk.txt
net start bits >> \junk.txt
notepad \junk.txt
Copy the text from notepad and paste it into a reply.

Copy the text in the code box:

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MCSTRM]


Start, Run, notepad, OK. Ctrl + v to paste the text into notepad. File, Save As, to your desktop, "fix.reg" OK (Make sure you use the quotation marks around the file name or it won't work right.)

Close notepad. Double click on fix.reg. Allow it to Merge.


Save the file to your desktop as del.reg, double click the del.reg
file and respond in the affirmative (Yes, OK) to the messages.

Then repeat the clearing of the event logs, reboot and run Vino's again.

Ron

PS. Try creating a file called "FrostWire" with notepad. Just put the word junk in the file and save as to E:\Program Files\ as "FrostWire"
That should keep FrostWire from installing where it wants to so that may prevent it.
  • 0
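
An added example (not part of the original posts, and not code from Vino's Event Viewer or from the helper): a small Python parser for the report format shown in post #6. It pulls out the Service Control Manager events 7000 and 7023 and names the services whose error text says a file or module is missing, which are the two entries the steps in post #7 act on. The sample is copied from the posted log; the function names and the choice of error strings are assumptions of this example.

```python
import re
# Excerpt of the Vino's Event Viewer report posted above (System log, errors).
SAMPLE = """\
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/11/2011 4:59:52 PM
Type: error Category: 0
Event: 7023 Source: Service Control Manager
The Automatic Updates service terminated with the following error: The specified module could not be found.

Log: 'System' Date/Time: 06/11/2011 4:59:52 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
"""

HEADER = re.compile(r"^Log: '(?P<log>[^']+)' Date/Time: (?P<when>.+)$")
EVENT = re.compile(r"^Event: (?P<id>\d+) Source: (?P<source>.+)$")
SERVICE = re.compile(r"^The (?P<name>.+?) service (?:failed to start|terminated)")
MISSING = ("cannot find the file specified", "module could not be found")

def parse_events(report):
    """Split a report into one dict per 'Log:' record (hypothetical helper)."""
    events, current = [], None
    for line in map(str.strip, report.splitlines()):
        m = HEADER.match(line)
        if m:
            current = {"log": m["log"], "when": m["when"], "message": ""}
            events.append(current)
        elif current is None or line.startswith("Type:"):
            continue                      # banner text, or the Type/Category line
        elif not line or line.startswith("~"):
            current = None                # blank line or section rule ends a record
        elif (e := EVENT.match(line)):
            current["id"], current["source"] = int(e["id"]), e["source"]
        else:
            current["message"] = (current["message"] + " " + line).strip()
    return events

def services_missing_file(events):
    """(event id, service name) for SCM errors 7000/7023 that report a missing file."""
    hits = []
    for ev in events:
        m = SERVICE.match(ev["message"])
        scm = ev.get("source") == "Service Control Manager" and ev.get("id") in (7000, 7023)
        if scm and m and any(text in ev["message"] for text in MISSING):
            hits.append((ev["id"], m["name"]))
    return hits
```

A report whose error sections are empty, like the ones posted after the fix, parses to an empty list.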

#8
Derobmai41

Derobmai41

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
link is not working
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Try http://djlizard.net/...-v0.60.0.24.zip
  • 0

#10
Derobmai41

Derobmai41

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
The Automatic Updates service is starting.

=============================================================================================



Vino's Event Viewer v01c run on Windows XP in English
Report run at 10/11/2011 2:45:15 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


=========================================================================================================


Vino's Event Viewer v01c run on Windows XP in English
Report run at 10/11/2011 2:45:38 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0



#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
That's about all I see so I think we can clean up now.

We need to clean up System Restore. Follow Jim's procedure here:
http://aumha.net/vie...581099691bf108f


You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, Run, cmd, OK then right click, Paste, then hit Enter.

OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.

To hide hidden files again (If you do not run OTL cleanup):

XP

# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and shutdown My Computer.

You probably do not have the latest Java (Java™ 6 Update 27 or 7 update 0). Get the latest at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Note on Java and Firefox: For some reason Java does not remove old consoles from Firefox. Any time you update Java you should do Firefox, Add-ons, Extensions and disable any old Java Consoles.

They will look like: Java Console 6.xx. The xx corresponds to the update number. When they switch to 7 update 0 then it will be Java Console 7.

Multiple Java Consoles will slow down the Firefox boot. After any change to Firefox or its extension you should run Speedyfox. (Mentioned later.)



Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas. If you don't use MSN Messenger I would not update it. MS installs a bunch of stuff when you do. You can tell the program to not show you that update.)
If you use Firefox or Chrome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/ (This one is limited to 200 ads/day with the free version. Another good reason to use Firefox or Chrome instead of IE.)

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Click on Speedup my Firefox. When it finishes click on Exit.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certainly be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron
  • 0

#12
Derobmai41

Derobmai41

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
thank you
  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I would hope that you went back into MSCONFIG and turned on everything. If not please do so then reboot. If you have already done that then

Right click on (My) Computer and select Manage then Device Manager, View, Show Hidden Devices. Now in the right pane look for DVD/CD-ROM drives. Click on the + in front of it then right click on the actual drive just below DVD/CD-ROM Drives and Uninstall. Reboot.
  • 0

#14
Derobmai41

Derobmai41

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
All of what you said has been done. I've tried multiple things including replacement of drive as I was unable to find a driver for old drive anywhere. Drive now works for making CDs but when I click on the drive I am still getting the error message.

Disregard my previous PM if you haven't already seen it. I never got a notification on the site that you responded. Sorry.
  • 0

#15
Derobmai41

Derobmai41

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
I took a screen shot of the exact message.
Attached File: untitled.bmp (711.62KB)
  • 0





