Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Think I am infected with atapi.sys virus


  • This topic is locked This topic is locked
27 replies to this topic

#1 joe256

joe256

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 07 August 2011 - 04:07 PM

Hello everyone,

I have a Dell laptop Windows XP Home SP3, and was having trouble upgrading AVG anti virus so I uninstalled it and put in Avira. I believe AVG wasn't completely removed and conflicted with Avira and then after running Avira I found network drivers corrupted. I tried to roll back and reinstall drivers in Safe Mode but I got Blue Screen Error:
Driver IRQL not less or equal
0x0D1
atapi.sys

Thanks for your help


DDS (Ver_10-11-09.01) - NTFSx86
Run by Anita Anderson at 17:44:13.82 on Sat 08/06/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1006.689 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Documents and Settings\Anita Anderson\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.1.2.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.2.1.2.dll/206
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
Trusted Zone: musicmatch.com\online
DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInstall.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://optionsxpressevents.webex.com/client/T26L/webex/ieatgpc.cab
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: balekufih - {928bf68f-c21a-4eed-8bea-6d5ff493e848} -
STS: {928bf68f-c21a-4eed-8bea-6d5ff493e848}: tokatiluy
LSA: Notification Packages = scecli tuvafuye.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-10 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-9-13 217032]
R1 SASDIFSV;SASDIFSV;c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASKUTIL.SYS [2010-5-10 67656]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-9-13 112592]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-9-12 583640]
S2 srenum;srenum;c:\windows\system32\drivers\srenum.sys --> c:\windows\system32\drivers\srenum.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\19.tmp --> c:\windows\system32\19.tmp [?]
S3 ndisrd;WinpkFilter Service;c:\windows\system32\drivers\ndisrd.sys --> c:\windows\system32\drivers\ndisrd.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-9-13 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-9-13 1142224]

=============== Created Last 30 ================

2011-07-18 21:44:30 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-07-18 21:44:29 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-14 00:51:12 -------- d-----w- C:\R140747
2011-07-14 00:49:59 -------- d-----w- C:\R85255
2011-07-12 21:34:17 -------- d-----w- c:\docume~1\anitaa~1\applic~1\SUPERAntiSpyware.com
2011-07-12 21:34:17 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

==================== Find3M ====================


============= FINISH: 17:45:25.65 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 13 August 2011 - 10:09 AM

Hi,

BitComet

Above listed ones are P2P file sharing programs. P2P downloads are nowadays one of those things that most likely bring infection into the system. My recommendation is to uninstall these (and other if present) P2P file sharing programs.


Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.

Please continue as follows:

  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
    Remember to re-enable them afterwards.

  • Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#3 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 14 August 2011 - 03:16 PM

Hello,
When I try to run combofix I get a warning that it has detected the following real time scanner(s) to be active:
AVG Anti-Virus Free
It also shows up on the DDS log. This is strange because I uninstalled AVG when I had trouble upgrading it.
Is there some tool I can use to look at the programs that run on startup and then disable it ?

Thanks

#4 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 15 August 2011 - 12:04 AM

Hi,

Run this AVG remover. If after that ComboFix still alerts about AVG presence then ignore the warning.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#5 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 15 August 2011 - 05:57 PM

Hello,
The combo fix log is too big it says. What do I do ?
Thanks

#6 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 15 August 2011 - 10:02 PM

Hello,
I have posted the beginning and the end of the combofix log because the attachment device kept saying it was too big. I also attached the new dds log as well as the avg remover log because the dds log and the combofix log says that avg scanner is still enabled and the avg remover seems to say that it was an incomplete uninstall. Nevertheless, I can now use safe mode properly again but would like you to confirm whether everything is alright .

Thanks



(1) ComboFix 11-08-15.04 - Anita Anderson 08/15/2011 15:10:51.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1006.691 [GMT -4:00]
Running from: E:\ComboFix.exe
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Anita Anderson\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FAD
.
.
((((((((((((((((((((((((( Files Created from 2011-07-15 to 2011-08-15 )))))))))))))))))))))))))))))))
.
.
2011-07-18 21:44 . 2011-07-18 21:44 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((( SnapShot@2009-06-17_17.54.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-12 18:37 . 2008-04-14 00:12 57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-07-11 23:41 . 2009-07-11 23:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
- 2007-02-17 19:33 . 2007-01-19 20:15 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-09-12 18:37 . 2008-04-14 00:12 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2004-08-10 17:51 . 2004-08-04 10:00 50688 c:\windows\twain_32.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 50688 c:\windows\twain_32.dll
+ 2011-08-15 19:16 . 2011-08-15 19:16 16384 c:\windows\Temp\Perflib_Perfdata_59c.dat
+ 2004-08-10 18:01 . 2008-04-14 00:12 11776 c:\windows\system32\xolehlp.dll
- 2004-08-10 18:01 . 2006-03-01 19:42 11776 c:\windows\system32\xolehlp.dll
+ 2004-08-10 17:51 . 2008-04-14 00:12 50176 c:\windows\system32\xmlprovi.dll

. . .

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2009-11-25 3176408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 761947]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-28 148888]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-04-20 26112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-04-20 98304]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-09 8192]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-20 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-20 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-20 77824]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-13 520024]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-4-19 24576]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0sprecovr \SystemRoot\sprecovr.txt
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7967:TCP"= 7967:TCP:BitComet 7967 TCP
"7967:UDP"= 7967:UDP:BitComet 7967 UDP
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/10/2009 8:02 PM 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9/13/2010 8:21 PM 217032]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [9/13/2010 8:21 PM 112592]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [9/12/2010 6:54 PM 583640]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS --> c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS --> c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS [?]
S2 srenum;srenum;c:\windows\system32\DRIVERS\srenum.sys --> c:\windows\system32\DRIVERS\srenum.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\19.tmp --> c:\windows\system32\19.tmp [?]
S3 ndisrd;WinpkFilter Service;c:\windows\system32\DRIVERS\ndisrd.sys --> c:\windows\system32\DRIVERS\ndisrd.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/13/2010 8:20 PM 366840]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: &D&ownload &with BitComet
IE: &D&ownload all video with BitComet
IE: &D&ownload all with BitComet
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: musicmatch.com\online
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
.
- - - - ORPHANS REMOVED - - - -
.
SharedTaskScheduler-{928bf68f-c21a-4eed-8bea-6d5ff493e848} - (no file)
SSODL-balekufih-{928bf68f-c21a-4eed-8bea-6d5ff493e848} - (no file)
Notify-avgrsstarter - avgrsstx.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-15 15:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\19.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2686934912-2866415145-2308686549-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(688)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - - - - > 'explorer.exe'(3308)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\igfxsrvc.exe
c:\progra~1\MUSICM~1\MUSICM~3\MMDiag.exe
c:\program files\MUSICMATCH\Musicmatch Jukebox\mim.exe
.
**************************************************************************
.
Completion time: 2011-08-15 15:23:06 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-15 19:23
ComboFix2.txt 2009-12-23 18:48
ComboFix3.txt 2009-06-17 17:57
.
Pre-Run: 2,213,261,312 bytes free
Post-Run: 2,357,780,480 bytes free
.
- - End Of File - - CB913BE4699A8737DE0FFD20B6FA69B0






(2) DDS (Ver_10-11-09.01) - NTFSx86
Run by Anita Anderson at 14:59:55.64 on Mon 08/15/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1006.696 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Documents and Settings\Anita Anderson\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &D&ownload &with BitComet
IE: &D&ownload all video with BitComet
IE: &D&ownload all with BitComet
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
Trusted Zone: musicmatch.com\online
DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInstall.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://optionsxpressevents.webex.com/client/T26L/webex/ieatgpc.cab
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: balekufih - {928bf68f-c21a-4eed-8bea-6d5ff493e848} -
STS: {928bf68f-c21a-4eed-8bea-6d5ff493e848}: tokatiluy
LSA: Notification Packages = scecli tuvafuye.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-10 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-9-13 217032]
R1 SASDIFSV;SASDIFSV;c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASKUTIL.SYS [2010-5-10 67656]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-9-13 112592]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-9-12 583640]
S2 srenum;srenum;c:\windows\system32\drivers\srenum.sys --> c:\windows\system32\drivers\srenum.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\19.tmp --> c:\windows\system32\19.tmp [?]
S3 ndisrd;WinpkFilter Service;c:\windows\system32\drivers\ndisrd.sys --> c:\windows\system32\drivers\ndisrd.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-9-13 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-9-13 1142224]

=============== Created Last 30 ================

2011-07-18 21:44:30 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-07-18 21:44:29 -------- d-----w- c:\windows\system32\wbem\Repository

==================== Find3M ====================


============= FINISH: 15:01:05.78 ===============



(3)AVG REMOVER

2011-08-15 18:55:58,804 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-08-15 18:55:58,824 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-08-15 18:55:58,824 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-08-15 18:55:58,824 INFO Command line: "C:\Documents and Settings\Anita Anderson\Desktop\avg_remover_stf_x86_2011_1322.exe"
2011-08-15 18:55:58,824 WARN AvgDir param empty.
2011-08-15 18:55:58,824 WARN AvgAdminDir param empty.
2011-08-15 18:55:58,824 WARN AvgDataDir param empty.
2011-08-15 18:56:17,170 INFO AvgRemover runs in attempt number 1
2011-08-15 18:56:17,200 INFO ***** Msi data *****
2011-08-15 18:56:17,320 DEBUG No product code found for our upgrade codes, nothing to do here
2011-08-15 18:56:17,320 INFO ***** Exchange&Outlook plugins data *****
2011-08-15 18:56:17,320 INFO Removing AvgOutlook addin
2011-08-15 18:56:17,320 INFO AvgOutlook Removing HKCR addin keys x86
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'avgoutlook.Addin': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2011-08-15 18:56:17,320 INFO AvgOutlook Removing HKCR addin keys x64
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'avgoutlook.Addin': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2011-08-15 18:56:17,320 DEBUG Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2011-08-15 18:56:17,330 INFO Removing Sharepoint plugin if exists
2011-08-15 18:56:17,330 DEBUG Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2011-08-15 18:56:17,330 DEBUG Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2011-08-15 18:56:17,330 INFO Removing Antispam plugin for Exchange 2000/2003 if exists
2011-08-15 18:56:17,330 DEBUG Stopping service 'MSExchangeIS' to remove VSAPI plugin...
2011-08-15 18:56:17,330 DEBUG Service MSExchangeIS Stop failed (error: c0070424)
2011-08-15 18:56:17,330 DEBUG Exchange&Outlook plugins removal failed with error 0xc0070424
2011-08-15 18:56:17,330 INFO ***** Services *****
2011-08-15 18:56:17,360 INFO Processing service avgfws8, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service avg8wd, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgWFPx, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgWFPa, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service avg9wd, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgMfx86, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgMfx64, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgLdx86, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgLdx64, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgTdiX, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgTdiA, it can take several minutes...
2011-08-15 18:56:17,360 INFO Processing service AvgRkx86, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service avg8emc, it can take several minutes...
2011-08-15 18:56:17,370 INFO Service avg8emc is not installed
2011-08-15 18:56:17,370 INFO Service AvgRkx86 is not installed
2011-08-15 18:56:17,370 INFO Service AvgTdiA is not installed
2011-08-15 18:56:17,370 INFO Service AvgTdiX is not installed
2011-08-15 18:56:17,370 INFO Service AvgLdx64 is not installed
2011-08-15 18:56:17,370 INFO Service AvgLdx86 is not installed
2011-08-15 18:56:17,370 INFO Service AvgMfx64 is not installed
2011-08-15 18:56:17,370 INFO Service AvgMfx86 is not installed
2011-08-15 18:56:17,370 INFO Service avg9wd is not installed
2011-08-15 18:56:17,370 INFO Service AvgWFPa is not installed
2011-08-15 18:56:17,370 INFO Service AvgWFPx is not installed
2011-08-15 18:56:17,370 INFO Service avg8wd is not installed
2011-08-15 18:56:17,370 INFO Service avgfws8 is not installed
2011-08-15 18:56:17,370 INFO Processing service AvgRkx64, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service avg9emc, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service avgfws9, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service avgfws, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSAgent, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSShimxpx, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSFilterxpx, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSDriverxpx, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSShimvtx, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSFiltervtx, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSDrivervtx, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSFiltervta, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSDrivervta, it can take several minutes...
2011-08-15 18:56:17,370 INFO Processing service AVGIDSShimw7x, it can take several minutes...
2011-08-15 18:56:17,390 INFO Service AVGIDSShimw7x is not installed
2011-08-15 18:56:17,390 INFO Service AVGIDSDrivervta is not installed
2011-08-15 18:56:17,390 INFO Service AVGIDSFiltervta is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSDrivervtx is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSFiltervtx is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSShimvtx is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSDriverxpx is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSFilterxpx is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSShimxpx is not installed
2011-08-15 18:56:17,400 INFO Service AVGIDSAgent is not installed
2011-08-15 18:56:17,400 INFO Service avgfws is not installed
2011-08-15 18:56:17,400 INFO Service avgfws9 is not installed
2011-08-15 18:56:17,400 INFO Service avg9emc is not installed
2011-08-15 18:56:17,400 INFO Service AvgRkx64 is not installed
2011-08-15 18:56:17,400 DEBUG Service avgfws8 RegCleanup
2011-08-15 18:56:17,400 DEBUG Service avg8wd RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgWFPx RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgWFPa RegCleanup
2011-08-15 18:56:17,400 DEBUG Service avg9wd RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgMfx86 RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgMfx64 RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgLdx86 RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgLdx64 RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgTdiX RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgTdiA RegCleanup
2011-08-15 18:56:17,400 DEBUG Service AvgRkx86 RegCleanup
2011-08-15 18:56:17,400 DEBUG Service avg8emc RegCleanup
2011-08-15 18:56:17,400 INFO Processing service AVGIDSFilterw7x, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSDriverw7x, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSFilterw7a, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSDriverw7a, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSErHrxpx, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSErHrvtx, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSErHrvta, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSErHrw7x, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AVGIDSErHrw7a, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service avgwd, it can take several minutes...
2011-08-15 18:56:17,400 INFO Processing service AvgAdminServer, it can take several minutes...
2011-08-15 18:56:17,410 DEBUG Registry keys for service avgfws8 are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service avg8wd are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgWFPx are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgWFPa are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service avg9wd are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgMfx86 are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgMfx64 are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgLdx86 are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgLdx64 are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgTdiX are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgTdiA are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service AvgRkx86 are not present
2011-08-15 18:56:17,410 DEBUG Registry keys for service avg8emc are not present
2011-08-15 18:56:17,420 INFO Service AvgAdminServer is not installed
2011-08-15 18:56:17,420 INFO Service avgwd is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSErHrw7a is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSErHrw7x is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSErHrvta is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSErHrvtx is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSErHrxpx is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSDriverw7a is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSFilterw7a is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSDriverw7x is not installed
2011-08-15 18:56:17,420 INFO Service AVGIDSFilterw7x is not installed
2011-08-15 18:56:17,420 DEBUG Service AvgRkx64 RegCleanup
2011-08-15 18:56:17,420 DEBUG Service avg9emc RegCleanup
2011-08-15 18:56:17,420 DEBUG Service avgfws9 RegCleanup
2011-08-15 18:56:17,420 DEBUG Service avgfws RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSAgent RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSShimxpx RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSFilterxpx RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSDriverxpx RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSShimvtx RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSFiltervtx RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSDrivervtx RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSFiltervta RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSDrivervta RegCleanup
2011-08-15 18:56:17,420 DEBUG Service AVGIDSShimw7x RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AvgRkx64 are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service avg9emc are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service avgfws9 are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service avgfws are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSAgent are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSShimxpx are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSShimvtx are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSFiltervta are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSDrivervta are not present
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSShimw7x are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSFilterw7x RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSDriverw7x RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSFilterw7a RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSDriverw7a RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSErHrxpx RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSErHrvtx RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSErHrvta RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSErHrvta are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSErHrw7x RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2011-08-15 18:56:17,430 DEBUG Service AVGIDSErHrw7a RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2011-08-15 18:56:17,430 DEBUG Service avgwd RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service avgwd are not present
2011-08-15 18:56:17,430 DEBUG Service AvgAdminServer RegCleanup
2011-08-15 18:56:17,430 DEBUG Registry keys for service AvgAdminServer are not present
2011-08-15 18:56:17,440 INFO ***** Avg Fw NDIS driver(separate process) *****
2011-08-15 18:56:17,471 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2011-08-15 18:56:17,471 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2011-08-15 18:56:17,471 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2011-08-15 18:56:17,471 INFO Command line: "C:\Documents and Settings\Anita Anderson\Desktop\avg_remover_stf_x86_2011_1322.exe" /ndisonly /skipask
2011-08-15 18:56:17,471 WARN AvgDir param empty.
2011-08-15 18:56:17,471 WARN AvgAdminDir param empty.
2011-08-15 18:56:17,481 WARN AvgDataDir param empty.
2011-08-15 18:56:17,481 INFO AvgRemover runs in attempt number 1
2011-08-15 18:56:17,481 INFO ***** Avg Fw NDIS driver *****
2011-08-15 18:56:17,481 INFO ...this operation can take several minutes...
2011-08-15 18:56:17,481 INFO FW removing policy
2011-08-15 18:56:18,502 INFO FW NDIS driver not present
2011-08-15 18:56:18,532 DEBUG Remove NDIS driver pass, next uninstalation step is 10, old was 1
2011-08-15 18:56:18,532 INFO ***** end of Fw NDIS separated process *****
2011-08-15 18:56:18,532 INFO ***** Drivers *****
2011-08-15 18:56:18,532 INFO ***** Running AVG process *****
2011-08-15 18:56:19,103 INFO ***** Registry keys and values *****
2011-08-15 18:56:19,103 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-08-15 18:56:19,103 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2011-08-15 18:56:19,103 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2011-08-15 18:56:19,103 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2011-08-15 18:56:19,103 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2011-08-15 18:56:19,103 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2011-08-15 18:56:19,103 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2011-08-15 18:56:19,103 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2011-08-15 18:56:19,103 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2011-08-15 18:56:19,103 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2011-08-15 18:56:19,113 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2011-08-15 18:56:19,113 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-08-15 18:56:19,113 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2011-08-15 18:56:19,113 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2011-08-15 18:56:19,113 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2011-08-15 18:56:19,113 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2011-08-15 18:56:19,113 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2011-08-15 18:56:19,113 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-08-15 18:56:19,113 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-08-15 18:56:19,113 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-08-15 18:56:19,113 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2011-08-15 18:56:19,113 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-08-15 18:56:19,113 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-08-15 18:56:19,113 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-08-15 18:56:19,123 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-08-15 18:56:19,123 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-08-15 18:56:19,123 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-08-15 18:56:19,123 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2011-08-15 18:56:19,123 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2011-08-15 18:56:19,123 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2011-08-15 18:56:19,123 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2011-08-15 18:56:19,123 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2011-08-15 18:56:19,123 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2011-08-15 18:56:19,123 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2011-08-15 18:56:19,123 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2011-08-15 18:56:19,123 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2011-08-15 18:56:19,123 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-08-15 18:56:19,123 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-08-15 18:56:19,123 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-08-15 18:56:19,123 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-08-15 18:56:19,133 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2011-08-15 18:56:19,133 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2011-08-15 18:56:19,133 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-08-15 18:56:19,133 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-08-15 18:56:19,133 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-08-15 18:56:19,133 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2011-08-15 18:56:19,133 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2011-08-15 18:56:19,133 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2011-08-15 18:56:19,133 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-08-15 18:56:19,133 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2011-08-15 18:56:19,133 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2011-08-15 18:56:19,133 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-08-15 18:56:19,133 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2011-08-15 18:56:19,133 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2011-08-15 18:56:19,143 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2011-08-15 18:56:19,143 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\.avgdi
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdi not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\.avgdx
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\.avgdx not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2011-08-15 18:56:19,153 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-08-15 18:56:19,153 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2011-08-15 18:56:19,163 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2011-08-15 18:56:19,163 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2011-08-15 18:56:19,173 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2011-08-15 18:56:19,173 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2011-08-15 18:56:19,183 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2011-08-15 18:56:19,183 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2011-08-15 18:56:19,183 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-08-15 18:56:19,183 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2011-08-15 18:56:19,183 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2011-08-15 18:56:19,183 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2011-08-15 18:56:19,183 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2011-08-15 18:56:19,183 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2011-08-15 18:56:19,183 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2011-08-15 18:56:19,183 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2011-08-15 18:56:19,183 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2011-08-15 18:56:19,183 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2011-08-15 18:56:19,183 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2011-08-15 18:56:19,183 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2011-08-15 18:56:19,183 INFO Processing registry SYSTEM\ControlSet001\Control\GroupOrderList
2011-08-15 18:56:19,183 DEBUG Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG Remove
2011-08-15 18:56:19,193 INFO Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG is not present
2011-08-15 18:56:19,193 INFO Processing registry SYSTEM\ControlSet001\services\Avg
2011-08-15 18:56:19,193 DEBUG Key SYSTEM\ControlSet001\services\Avg ForceRemove
2011-08-15 18:56:19,203 DEBUG Key SYSTEM\ControlSet001\services\Avg not found
2011-08-15 18:56:19,203 INFO Processing registry SYSTEM\ControlSet001\services\Avgfwfd
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\AVG Security Toolbar Service
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\Avgfws
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\Avgfws ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\Avgfws not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSAgent
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSDriver
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSEH
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSFilter
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\avgldx64
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 ForceRemove
2011-08-15 18:56:19,213 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 not found
2011-08-15 18:56:19,213 INFO Processing registry SYSTEM\ControlSet001\services\avgldx86
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx64
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx86
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx64
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx86
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgtdia
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgtdia ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgtdia not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgtdix
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgtdix ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgtdix not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgwd
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgwd ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgwd not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgfwdx
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx ForceRemove
2011-08-15 18:56:19,223 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx not found
2011-08-15 18:56:19,223 INFO Processing registry SYSTEM\ControlSet001\services\avgfwda
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet001\services\avgfwda ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet001\services\avgfwda not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2011-08-15 18:56:19,233 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2011-08-15 18:56:19,233 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2011-08-15 18:56:19,243 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2011-08-15 18:56:19,243 INFO Processing registry SYSTEM\ControlSet002\services\avgfwdx
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\avgfwda
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\avgfwda ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\avgfwda not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2011-08-15 18:56:19,253 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2011-08-15 18:56:19,253 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2011-08-15 18:56:19,263 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2011-08-15 18:56:19,263 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2011-08-15 18:56:19,273 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM not found
2011-08-15 18:56:19,273 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX ForceRemove
2011-08-15 18:56:19,283 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX failed (error e0010058)
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA ForceRemove
2011-08-15 18:56:19,283 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA not found
2011-08-15 18:56:19,283 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD ForceRemove
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD not found
2011-08-15 18:56:19,293 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD ForceRemove
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD not found
2011-08-15 18:56:19,293 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2011-08-15 18:56:19,293 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2011-08-15 18:56:19,293 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2011-08-15 18:56:19,293 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS
2011-08-15 18:56:19,293 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2011-08-15 18:56:19,303 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 not found
2011-08-15 18:56:19,303 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 not found
2011-08-15 18:56:19,313 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 not found
2011-08-15 18:56:19,313 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 not found
2011-08-15 18:56:19,313 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 not found
2011-08-15 18:56:19,313 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX not found
2011-08-15 18:56:19,313 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA not found
2011-08-15 18:56:19,313 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD ForceRemove
2011-08-15 18:56:19,313 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2011-08-15 18:56:19,323 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH not found
2011-08-15 18:56:19,323 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2011-08-15 18:56:19,333 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 not found
2011-08-15 18:56:19,333 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 not found
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX ForceRemove
2011-08-15 18:56:19,343 WARN Deleting key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX failed (error e0010058)
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA ForceRemove
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA not found
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD ForceRemove
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD not found
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD ForceRemove
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD not found
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2011-08-15 18:56:19,343 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2011-08-15 18:56:19,343 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX
2011-08-15 18:56:19,353 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\Clients
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\Clients not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AVG8
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AVG9
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG9 not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AVG10
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AVG10
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AVG IDS
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AVG IDS
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG
2011-08-15 18:56:19,353 DEBUG Value SOFTWARE\AVG:DumpType Remove
2011-08-15 18:56:19,353 DEBUG Value SOFTWARE\AVG:DumpType not present - Key not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AvgAdmin10
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AvgAdmin10 ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AvgAdmin10 not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG\AvgAdmin10
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AvgAdmin10 ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG\AvgAdmin10 not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG ForceRemove
2011-08-15 18:56:19,353 DEBUG Key SOFTWARE\AVG not found
2011-08-15 18:56:19,353 INFO Processing registry SOFTWARE\AVG
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG\AVG8
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG8 not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG\AVG9
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG9 not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG\AVG10
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG\AVG10
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG\AVG10 not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\AVG Security Toolbar
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2011-08-15 18:56:19,363 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2011-08-15 18:56:19,363 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2011-08-15 18:56:19,363 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2011-08-15 18:56:19,363 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2011-08-15 18:56:19,373 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-08-15 18:56:19,373 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2011-08-15 18:56:19,373 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2011-08-15 18:56:19,373 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2011-08-15 18:56:19,373 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-08-15 18:56:19,373 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-08-15 18:56:19,373 INFO Processing registry SOFTWARE\AppDataLow\Avg
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\AppDataLow\Avg ForceRemove
2011-08-15 18:56:19,373 DEBUG Key SOFTWARE\AppDataLow\Avg not found
2011-08-15 18:56:19,373 INFO Processing registry SOFTWARE\AppDataLow\Software\AVG Security Toolbar
2011-08-15 18:56:19,383 DEBUG Key SOFTWARE\AppDataLow\Software\AVG Security Toolbar ForceRemove
2011-08-15 18:56:19,383 DEBUG Key SOFTWARE\AppDataLow\Software\AVG Security Toolbar not found
2011-08-15 18:56:19,383 INFO Processing registry .avgdxa
2011-08-15 18:56:19,383 DEBUG Key .avgdxa ForceRemove
2011-08-15 18:56:19,383 DEBUG Key .avgdxa not found
2011-08-15 18:56:19,383 INFO Processing registry aAvgAPI.AvgBro
2011-08-15 18:56:19,383 DEBUG Key aAvgAPI.AvgBro ForceRemove
2011-08-15 18:56:19,383 DEBUG Key aAvgAPI.AvgBro not found
2011-08-15 18:56:19,383 INFO Processing registry AVG.Office
2011-08-15 18:56:19,383 DEBUG Key AVG.Office ForceRemove
2011-08-15 18:56:19,383 DEBUG Key AVG.Office not found
2011-08-15 18:56:19,383 INFO Processing registry AVG.Office.8
2011-08-15 18:56:19,383 DEBUG Key AVG.Office.8 ForceRemove
2011-08-15 18:56:19,383 DEBUG Key AVG.Office.8 not found
2011-08-15 18:56:19,383 INFO Processing registry AvgDiagFile
2011-08-15 18:56:19,383 DEBUG Key AvgDiagFile ForceRemove
2011-08-15 18:56:19,383 DEBUG Key AvgDiagFile not found
2011-08-15 18:56:19,383 INFO Processing registry AvgDiagExFile
2011-08-15 18:56:19,383 DEBUG Key AvgDiagExFile ForceRemove
2011-08-15 18:56:19,383 DEBUG Key AvgDiagExFile not found
2011-08-15 18:56:19,383 INFO Processing registry avgtoolbar.AVGTOOLBAR
2011-08-15 18:56:19,383 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2011-08-15 18:56:19,383 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2011-08-15 18:56:19,383 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2011-08-15 18:56:19,383 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2011-08-15 18:56:19,383 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2011-08-15 18:56:19,383 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2011-08-15 18:56:19,383 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2011-08-15 18:56:19,383 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2011-08-15 18:56:19,383 INFO Processing registry LinkScannerIE.NavFilter
2011-08-15 18:56:19,383 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2011-08-15 18:56:19,383 DEBUG Key LinkScannerIE.NavFilter not found
2011-08-15 18:56:19,383 INFO Processing registry LinkScannerIE.NavFilter.1
2011-08-15 18:56:19,383 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2011-08-15 18:56:19,383 DEBUG Key LinkScannerIE.NavFilter.1 not found
2011-08-15 18:56:19,383 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2011-08-15 18:56:19,393 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2011-08-15 18:56:19,393 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2011-08-15 18:56:19,393 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2011-08-15 18:56:19,403 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2011-08-15 18:56:19,403 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2011-08-15 18:56:19,403 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2011-08-15 18:56:19,403 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2011-08-15 18:56:19,403 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2011-08-15 18:56:19,403 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-08-15 18:56:19,403 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-08-15 18:56:19,403 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2011-08-15 18:56:19,403 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2011-08-15 18:56:19,403 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2011-08-15 18:56:19,403 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2011-08-15 18:56:19,403 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2011-08-15 18:56:19,403 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2011-08-15 18:56:19,403 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2011-08-15 18:56:19,403 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2011-08-15 18:56:19,403 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2011-08-15 18:56:19,403 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2011-08-15 18:56:19,413 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2011-08-15 18:56:19,413 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2011-08-15 18:56:19,413 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2011-08-15 18:56:19,413 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2011-08-15 18:56:19,413 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2011-08-15 18:56:19,413 INFO Processing registry CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83}
2011-08-15 18:56:19,413 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} not found
2011-08-15 18:56:19,413 INFO Processing registry CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2011-08-15 18:56:19,413 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2011-08-15 18:56:19,413 INFO Processing registry CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C}
2011-08-15 18:56:19,413 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} not found
2011-08-15 18:56:19,413 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2011-08-15 18:56:19,413 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2011-08-15 18:56:19,413 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2011-08-15 18:56:19,413 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2011-08-15 18:56:19,413 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2011-08-15 18:56:19,413 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2011-08-15 18:56:19,423 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2011-08-15 18:56:19,423 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2011-08-15 18:56:19,423 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2011-08-15 18:56:19,423 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2011-08-15 18:56:19,423 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2011-08-15 18:56:19,423 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2011-08-15 18:56:19,423 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2011-08-15 18:56:19,423 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2011-08-15 18:56:19,423 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2011-08-15 18:56:19,423 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2011-08-15 18:56:19,423 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2011-08-15 18:56:19,423 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2011-08-15 18:56:19,423 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2011-08-15 18:56:19,423 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2011-08-15 18:56:19,423 DEBUG Removing Session Manager values
2011-08-15 18:56:19,423 DEBUG Registry remover failed for some registry item(s)
2011-08-15 18:56:19,423 INFO ***** Files and folders *****
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 0
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 1
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 2
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 3
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 4
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 5
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 6
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 7
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 8
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 9
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 10
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 11
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 12
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 13
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 14
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 15
2011-08-15 18:56:19,443 DEBUG Missing ParentDir path for fileItem number 16
2011-08-15 18:56:19,443 DEBUG Processing item 'C:\Documents and Settings\Anita Anderson\Application Data\AVGTOOLBAR'
2011-08-15 18:56:19,443 INFO Directory 'C:\Documents and Settings\Anita Anderson\Application Data\AVGTOOLBAR' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0'
2011-08-15 18:56:19,453 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0'
2011-08-15 18:56:19,453 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5'
2011-08-15 18:56:19,453 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5'
2011-08-15 18:56:19,453 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk'
2011-08-15 18:56:19,453 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk'
2011-08-15 18:56:19,453 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk'
2011-08-15 18:56:19,453 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk' not found
2011-08-15 18:56:19,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk'
2011-08-15 18:56:19,453 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk' not found
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 27
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 28
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 29
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 30
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 31
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 32
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 33
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 34
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 35
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 36
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 37
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 38
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 39
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 40
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 41
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 42
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 43
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 44
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 45
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 46
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 47
2011-08-15 18:56:19,463 DEBUG Missing ParentDir path for fileItem number 48
2011-08-15 18:56:19,463 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages'
2011-08-15 18:56:19,463 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages' not found
2011-08-15 18:56:19,463 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Update'
2011-08-15 18:56:19,463 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Update' not found
2011-08-15 18:56:19,463 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar'
2011-08-15 18:56:19,463 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar' not found
2011-08-15 18:56:19,463 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,463 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 9.0'
2011-08-15 18:56:19,463 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 9.0' not found
2011-08-15 18:56:19,463 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 9.0'
2011-08-15 18:56:19,463 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 9.0' not found
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk'
2011-08-15 18:56:19,473 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk' not found
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk'
2011-08-15 18:56:19,473 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk' not found
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 57
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 58
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 59
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 60
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 61
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 62
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 63
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 64
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 65
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 66
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 67
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 68
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 69
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 70
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 71
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 72
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 73
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 74
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 75
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 76
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 77
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 78
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 79
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 80
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 81
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 82
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 83
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 84
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 85
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 86
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 87
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 88
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 89
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 90
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 91
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 92
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 93
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 94
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 95
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 96
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 97
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 98
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 99
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 100
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 101
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 102
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 103
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 104
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 105
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 106
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 107
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 108
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 109
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 110
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 111
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 112
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 113
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 114
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 115
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 116
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 117
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 118
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 119
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 120
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 121
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 122
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 123
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 124
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 125
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 126
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 127
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 128
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 129
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 130
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 131
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 132
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 133
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 134
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 135
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 136
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 137
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 138
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 139
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 140
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 141
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 142
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 143
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 144
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 145
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 146
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 147
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 148
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 149
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 150
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 151
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 152
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 153
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 154
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 155
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 156
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 157
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 158
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 159
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 160
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 161
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 162
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 163
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 164
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 165
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 166
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 167
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 168
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 169
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 170
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 171
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 172
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 173
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 174
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 175
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 176
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 177
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 178
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 179
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 180
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 181
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 182
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 183
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 184
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 185
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 186
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 187
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 188
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 189
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 190
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 191
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 192
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 193
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 194
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 195
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 196
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 197
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 198
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 199
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 200
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 201
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 202
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 203
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 204
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 205
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 206
2011-08-15 18:56:19,473 DEBUG Missing ParentDir path for fileItem number 207
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2011-08-15 18:56:19,473 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\AVG'
2011-08-15 18:56:19,473 INFO Directory 'C:\WINDOWS\System32\Drivers\AVG' not found
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\WINDOWS\System32'
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget'
2011-08-15 18:56:19,483 INFO Directory 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget' not found
2011-08-15 18:56:19,483 DEBUG Missing ParentDir path for fileItem number 217
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupCoreBackup'
2011-08-15 18:56:19,483 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupCoreBackup' not found
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup'
2011-08-15 18:56:19,483 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup' not found
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\Chjw'
2011-08-15 18:56:19,483 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\Chjw' not found
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\Antispam'
2011-08-15 18:56:19,483 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\Antispam' not found
2011-08-15 18:56:19,483 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10'
2011-08-15 18:56:19,483 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10' not found
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011'
2011-08-15 18:56:19,493 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011' not found
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2011'
2011-08-15 18:56:19,493 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2011' not found
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk'
2011-08-15 18:56:19,493 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk' not found
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2011.lnk'
2011-08-15 18:56:19,493 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2011.lnk' not found
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\WINDOWS\SysWOW64\Drivers\AVG'
2011-08-15 18:56:19,493 INFO Directory 'C:\WINDOWS\SysWOW64\Drivers\AVG' not found
2011-08-15 18:56:19,493 DEBUG Missing ParentDir path for fileItem number 228
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG LinkScanner® 9.0'
2011-08-15 18:56:19,493 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG LinkScanner® 9.0' not found
2011-08-15 18:56:19,493 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG LinkScanner® 9.0.lnk'
2011-08-15 18:56:19,493 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG LinkScanner® 9.0.lnk' not found

#7 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 16 August 2011 - 12:03 AM

Hi,

Please archive ComboFix log into a zip file and see if you're able to attach it.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#8 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 16 August 2011 - 03:26 PM

It says upload skipped (error io) when I try attach it as a zip file.

#9 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 16 August 2011 - 11:43 PM

Hi,

Please try to upload (non zipped) log here. Kindly include a link to this topic.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#10 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 17 August 2011 - 02:26 PM

I submitted the combofix log

#11 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 17 August 2011 - 03:15 PM

Hi,

Please post fresh dds logs (seems that previous one was taken before the ComboFix run).

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#12 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 17 August 2011 - 08:32 PM

Sorry about that. I thought I did it after running combofix. Here is a fresh dds log.



DDS (Ver_10-11-09.01) - NTFSx86
Run by Anita Anderson at 21:26:37.83 on Wed 08/17/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1006.691 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Documents and Settings\Anita Anderson\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [TaskTray]
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &D&ownload &with BitComet
IE: &D&ownload all video with BitComet
IE: &D&ownload all with BitComet
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
Trusted Zone: musicmatch.com\online
DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInstall.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://optionsxpressevents.webex.com/client/T26L/webex/ieatgpc.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-10 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-9-13 217032]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-9-13 112592]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-9-12 583640]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\sasdifsv.sys --> c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\saskutil.sys --> c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASKUTIL.SYS [?]
S2 srenum;srenum;c:\windows\system32\drivers\srenum.sys --> c:\windows\system32\drivers\srenum.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\19.tmp --> c:\windows\system32\19.tmp [?]
S3 ndisrd;WinpkFilter Service;c:\windows\system32\drivers\ndisrd.sys --> c:\windows\system32\drivers\ndisrd.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-9-13 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-9-13 1142224]

=============== Created Last 30 ================

2011-08-17 00:34:02 -------- d-----w- c:\program files\Driver-Soft
2011-08-15 19:09:12 98816 ----a-w- c:\windows\sed.exe
2011-08-15 19:09:12 518144 ----a-w- c:\windows\SWREG.exe
2011-08-15 19:09:12 256000 ----a-w- c:\windows\PEV.exe
2011-08-15 19:09:12 208896 ----a-w- c:\windows\MBR.exe

==================== Find3M ====================


============= FINISH: 21:27:45.01 ===============

Attached Files



#13 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 18 August 2011 - 12:13 AM

Hi again,


Open notepad and copy/paste the text in the quotebox below into it:

DDS::
BHO: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
SecCenter::
{17DDD097-36FF-435F-9E1B-52D74245D6BF}


Save this as
CFScript

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.

Posted Image

Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.


Uninstall old Adobe Reader versions and get the latest one (Adobe Reader 10.1) here or get Foxit Reader here. Make sure you don't (unless you want to) install toolbar if choose Foxit Reader! You may also check free readers introduced here.


Uninstall vulnerable Flash versions by following instructions here. Fresh version can be obtained here.


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 7.
  • Click the
    Download
    button to the right.
  • Select Windows on platform combobox and check the box that says:
    Accept License Agreement. Click continue.
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.


* Go here to run an online scanner from ESET.
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is UNchecked and the option Scan unwanted applications is checkmarked.
  • Click Scan
  • Wait for the scan to finish.


Post back its report, a fresh dds.txt log and above mentioned ComboFix resultant log. Any symptoms left?

Edited by Blade81, 18 August 2011 - 12:13 AM.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#14 joe256

joe256
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:04:30 PM

Posted 18 August 2011 - 07:37 PM

Hello, here is the new Combofix log as well as a fresh DDS log. I can now use Safe Mode but I lost my internet connection. Yellow exclamation points appear on the device manager next to the network adapters :

Dell Wireless 1370 WLAN Mini-PCI card - Winpkfilter Miniport
Wan Miniport (IP) - Winpkfilter Miniport

I uninstalled the old Adobe Reader and old Java and upgraded to the new ones, but since I don't have internet I cannot verify if Flash is uninstalled or do the online ESET scan yet. I asked for help in the networking forum.


ComboFix 11-08-15.04 - Anita Anderson 08/18/2011 19:41:18.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1006.680 [GMT -4:00]
Running from: E:\ComboFix.exe
Command switches used :: E:\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FAD
.
.
((((((((((((((((((((((((( Files Created from 2011-07-18 to 2011-08-18 )))))))))))))))))))))))))))))))
.
.
2011-08-18 23:34 . 2011-08-18 23:34 -------- d-----w- c:\program files\Common Files\Java
2011-08-18 23:34 . 2011-08-18 23:34 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-18 23:34 . 2011-08-18 23:34 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-18 23:15 . 2011-08-18 23:15 -------- d-----w- c:\documents and settings\Anita Anderson\Local Settings\Application Data\Temp
2011-08-17 00:34 . 2011-08-17 00:34 -------- d-----w- c:\program files\Driver-Soft
2011-08-16 22:51 . 2011-08-16 22:51 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-15_19.17.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-18 23:49 . 2011-08-18 23:49 16384 c:\windows\Temp\Perflib_Perfdata_5a4.dat
- 2004-08-10 17:51 . 2011-08-15 19:02 73170 c:\windows\system32\perfc009.dat
+ 2004-08-10 17:51 . 2011-08-18 23:34 73170 c:\windows\system32\perfc009.dat
- 2004-08-10 17:51 . 2011-08-15 19:02 444786 c:\windows\system32\perfh009.dat
+ 2004-08-10 17:51 . 2011-08-18 23:34 444786 c:\windows\system32\perfh009.dat
+ 2011-08-18 23:34 . 2011-08-18 23:34 214408 c:\windows\system32\javaws.exe
+ 2011-08-18 23:34 . 2011-08-18 23:34 173960 c:\windows\system32\javaw.exe
+ 2011-08-18 23:34 . 2011-08-18 23:34 173960 c:\windows\system32\java.exe
+ 2011-08-18 23:34 . 2011-08-18 23:34 176640 c:\windows\Installer\37431.msi
+ 2011-08-18 23:34 . 2011-08-18 23:34 937984 c:\windows\Installer\3742c.msi
+ 2011-08-18 23:14 . 2011-08-18 23:14 2295808 c:\windows\Installer\274c6.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2009-11-25 3176408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 761947]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-04-20 26112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-04-20 98304]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-09 8192]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-20 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-20 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-20 77824]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-13 520024]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-4-19 24576]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0sprecovr \SystemRoot\sprecovr.txt
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7967:TCP"= 7967:TCP:BitComet 7967 TCP
"7967:UDP"= 7967:UDP:BitComet 7967 UDP
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/10/2009 8:02 PM 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9/13/2010 8:21 PM 217032]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [9/13/2010 8:21 PM 112592]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [9/12/2010 6:54 PM 583640]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS --> c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS --> c:\docume~1\ANITAA~1\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS [?]
S2 srenum;srenum;c:\windows\system32\DRIVERS\srenum.sys --> c:\windows\system32\DRIVERS\srenum.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\19.tmp --> c:\windows\system32\19.tmp [?]
S3 ndisrd;WinpkFilter Service;c:\windows\system32\DRIVERS\ndisrd.sys --> c:\windows\system32\DRIVERS\ndisrd.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/13/2010 8:20 PM 366840]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: &D&ownload &with BitComet
IE: &D&ownload all video with BitComet
IE: &D&ownload all with BitComet
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: musicmatch.com\online
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-TaskTray - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-18 19:49
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\19.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2686934912-2866415145-2308686549-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(688)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - - - - > 'explorer.exe'(2052)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wscntfy.exe
c:\progra~1\MUSICM~1\MUSICM~3\MMDiag.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\MUSICMATCH\Musicmatch Jukebox\mim.exe
.
**************************************************************************
.
Completion time: 2011-08-18 19:54:31 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-18 23:54
ComboFix2.txt 2011-08-15 19:23
ComboFix3.txt 2009-12-23 18:48
ComboFix4.txt 2009-06-17 17:57
.
Pre-Run: 2,024,275,968 bytes free
Post-Run: 2,008,670,208 bytes free
.
- - End Of File - - 65F49CC3032D5786150FD5C23C2E738F



DDS (Ver_10-11-09.01) - NTFSx86
Run by Anita Anderson at 19:56:55.94 on Thu 08/18/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1006.656 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Anita Anderson\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &D&ownload &with BitComet
IE: &D&ownload all video with BitComet
IE: &D&ownload all with BitComet
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
Trusted Zone: musicmatch.com\online
DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInstall.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {8DD733A8-353A-4E93-AB85-93CA8DC96F6A} - hxxps://objects.aol.com/activator/en-us/Activator.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://optionsxpressevents.webex.com/client/T26L/webex/ieatgpc.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-10 64160]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-9-13 217032]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-9-13 112592]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-9-12 583640]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\sasdifsv.sys --> c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\saskutil.sys --> c:\docume~1\anitaa~1\locals~1\temp\sas_selfextract\SASKUTIL.SYS [?]
S2 srenum;srenum;c:\windows\system32\drivers\srenum.sys --> c:\windows\system32\drivers\srenum.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\19.tmp --> c:\windows\system32\19.tmp [?]
S3 ndisrd;WinpkFilter Service;c:\windows\system32\drivers\ndisrd.sys --> c:\windows\system32\drivers\ndisrd.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-9-13 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-9-13 1142224]

=============== Created Last 30 ================

2011-08-18 23:54:52 -------- d-----w- c:\docume~1\anitaa~1\locals~1\applic~1\Sun
2011-08-18 23:34:29 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-18 23:34:29 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-18 23:15:03 -------- d-----w- c:\docume~1\anitaa~1\locals~1\applic~1\Temp
2011-08-17 00:34:02 -------- d-----w- c:\program files\Driver-Soft
2011-08-15 19:09:12 98816 ----a-w- c:\windows\sed.exe
2011-08-15 19:09:12 518144 ----a-w- c:\windows\SWREG.exe
2011-08-15 19:09:12 256000 ----a-w- c:\windows\PEV.exe
2011-08-15 19:09:12 208896 ----a-w- c:\windows\MBR.exe

==================== Find3M ====================


============= FINISH: 19:57:12.49 ===============

Attached Files



#15 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:12:30 AM

Posted 19 August 2011 - 12:00 AM

Hi,

I asked for help in the networking forum.

Let's see if we can tackle the network problem without another topic (you may post there to let people know that).

Let me know what files you can find here: C:\Qoobox\Quarantine\Registry_backups

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users