Hidden Virus Disabling Malwarebytes and exeHelper

[JoeNeedsHelpBad]

First off, this is my first post so Im very sorry if its in the wrong section.

I have that mysterious virus thats been around and Ive tried everything to get rid of it. Im running on XP. It allows me to download Malwarebytes, but before any items have been scanned, it is shut down. Ive renamed and downloaded the randomly named file, to no avail. If I attempt to delete all of my private info on Mozilla, it shuts it down and then becomes unusable and I am forced to download it anew. When attempting to open Malwarebytes after it has been shut down, the error message stating the file name and the dreaded "you do not have appropriate permission to access" opens up. Ive downloaded countless tools, such as exehelper, which will not open. I have also noticed in "(C:)", there are six randomly named files, one comprises the "My Computer" symbol, and upon opening, leads me to "My Computer" although named "32788R22FWJFW". The other files are named random long strands of letters and numbers such as "a109d7ebc1221e20bda8". I dont know if these are standard system folders or not. They all contain sub folders inside which I do not have permission to access. Ive tried system restore twice as well, which may cause me to need a new checkpoint after it has been cleared. Im desperate for help. Thanks SOOOO MUCH in advance. I will be open all day tomorrow to attempt to fix it if someone was able. :/

[screen317]

Hi and welcome to Malwarebytes.

• Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  
• Execute the file TDSSKiller.exe by double-clicking on it.
  
• Wait for the scan and disinfection process to be over.
  
• When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

-screen317

[JoeNeedsHelpBad]

First off, THANK YOU SO MUCH for coming to my rescue.

Okay, here's the TDS scan:

19:25:20.0093 2188 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43

19:25:22.0093 2188 ============================================================

19:25:22.0093 2188 Current date / time: 2011/09/27 19:25:22.0093

19:25:22.0093 2188 SystemInfo:

19:25:22.0093 2188

19:25:22.0093 2188 OS Version: 5.1.2600 ServicePack: 3.0

19:25:22.0093 2188 Product type: Workstation

19:25:22.0093 2188 ComputerName: LISAMARIE

19:25:22.0093 2188 UserName: Joseph Andrew Fox

19:25:22.0093 2188 Windows directory: C:\WINDOWS

19:25:22.0093 2188 System windows directory: C:\WINDOWS

19:25:22.0093 2188 Processor architecture: Intel x86

19:25:22.0093 2188 Number of processors: 2

19:25:22.0093 2188 Page size: 0x1000

19:25:22.0093 2188 Boot type: Normal boot

19:25:22.0093 2188 ============================================================

19:25:22.0406 2188 Initialize success

19:25:24.0031 3544 ============================================================

19:25:24.0031 3544 Scan started

19:25:24.0031 3544 Mode: Manual;

19:25:24.0031 3544 ============================================================

19:25:24.0421 3544 26031e15 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\354288422:3657228778.exe

19:25:24.0546 3544 Suspicious file (Hidden): C:\WINDOWS\354288422:3657228778.exe. md5: 8f2bb1827cac01aee6a16e30a1260199

19:25:24.0546 3544 26031e15 ( HiddenFile.Multi.Generic ) - warning

19:25:24.0546 3544 26031e15 - detected HiddenFile.Multi.Generic (1)

19:25:24.0640 3544 Abiosdsk - ok

19:25:24.0671 3544 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

19:25:24.0687 3544 abp480n5 - ok

19:25:24.0718 3544 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:25:24.0734 3544 ACPI - ok

19:25:24.0765 3544 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

19:25:24.0765 3544 ACPIEC - ok

19:25:24.0812 3544 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

19:25:24.0828 3544 adpu160m - ok

19:25:24.0875 3544 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

19:25:24.0890 3544 aec - ok

19:25:24.0937 3544 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys

19:25:24.0953 3544 AFD - ok

19:25:24.0984 3544 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

19:25:24.0984 3544 agp440 - ok

19:25:25.0031 3544 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

19:25:25.0046 3544 agpCPQ - ok

19:25:25.0093 3544 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

19:25:25.0093 3544 Aha154x - ok

19:25:25.0109 3544 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

19:25:25.0109 3544 aic78u2 - ok

19:25:25.0140 3544 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

19:25:25.0140 3544 aic78xx - ok

19:25:25.0156 3544 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

19:25:25.0156 3544 AliIde - ok

19:25:25.0187 3544 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

19:25:25.0203 3544 alim1541 - ok

19:25:25.0250 3544 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

19:25:25.0265 3544 amdagp - ok

19:25:25.0328 3544 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

19:25:25.0328 3544 amsint - ok

19:25:25.0390 3544 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

19:25:25.0390 3544 asc - ok

19:25:25.0421 3544 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

19:25:25.0437 3544 asc3350p - ok

19:25:25.0453 3544 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

19:25:25.0453 3544 asc3550 - ok

19:25:25.0500 3544 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:25:25.0515 3544 AsyncMac - ok

19:25:25.0531 3544 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

19:25:25.0546 3544 atapi - ok

19:25:25.0578 3544 Atdisk - ok

19:25:25.0625 3544 ati2mtag (f5fc6ac1e7bc776871361d463fc86be2) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

19:25:25.0671 3544 ati2mtag - ok

19:25:25.0734 3544 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:25:25.0750 3544 Atmarpc - ok

19:25:25.0796 3544 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

19:25:25.0796 3544 audstub - ok

19:25:25.0875 3544 Avg7Core (400e920d2e3f42bf6f1f75dd1b069ce3) C:\WINDOWS\System32\Drivers\avg7core.sys

19:25:25.0937 3544 Avg7Core - ok

19:25:25.0984 3544 Avg7RsW (8a7e25876955e06142ef65b52c906cf1) C:\WINDOWS\System32\Drivers\avg7rsw.sys

19:25:25.0984 3544 Avg7RsW - ok

19:25:26.0000 3544 Avg7RsXP (04d823d681f0d53191a172c3e667fc33) C:\WINDOWS\System32\Drivers\avg7rsxp.sys

19:25:26.0015 3544 Avg7RsXP - ok

19:25:26.0031 3544 AvgClean (603dc17a48c65c637623a9bb5a5e6008) C:\WINDOWS\System32\Drivers\avgclean.sys

19:25:26.0046 3544 AvgClean - ok

19:25:26.0062 3544 AvgTdi (8fa5cdfa0d72befff5e9a36df50e13ec) C:\WINDOWS\System32\Drivers\avgtdi.sys

19:25:26.0078 3544 AvgTdi - ok

19:25:26.0109 3544 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

19:25:26.0109 3544 Beep - ok

19:25:26.0187 3544 CA561 (50ded7c73e0fb40693edab8cad7c46e7) C:\WINDOWS\system32\Drivers\SPCA561.SYS

19:25:26.0234 3544 CA561 - ok

19:25:26.0437 3544 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

19:25:26.0468 3544 cbidf - ok

19:25:26.0593 3544 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

19:25:26.0593 3544 cbidf2k - ok

19:25:26.0906 3544 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

19:25:26.0921 3544 CCDECODE - ok

19:25:26.0968 3544 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

19:25:26.0968 3544 cd20xrnt - ok

19:25:27.0000 3544 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

19:25:27.0000 3544 Cdaudio - ok

19:25:27.0031 3544 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

19:25:27.0046 3544 Cdfs - ok

19:25:27.0062 3544 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:25:27.0078 3544 Cdrom - ok

19:25:27.0109 3544 Changer - ok

19:25:27.0156 3544 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

19:25:27.0171 3544 CmdIde - ok

19:25:27.0234 3544 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

19:25:27.0250 3544 Cpqarray - ok

19:25:27.0296 3544 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

19:25:27.0312 3544 dac2w2k - ok

19:25:27.0390 3544 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

19:25:27.0406 3544 dac960nt - ok

19:25:27.0468 3544 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

19:25:27.0484 3544 Disk - ok

19:25:27.0531 3544 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS

19:25:27.0531 3544 DLABOIOM - ok

19:25:27.0546 3544 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

19:25:27.0562 3544 DLACDBHM - ok

19:25:27.0562 3544 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS

19:25:27.0578 3544 DLADResN - ok

19:25:27.0578 3544 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

19:25:27.0593 3544 DLAIFS_M - ok

19:25:27.0609 3544 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

19:25:27.0609 3544 DLAOPIOM - ok

19:25:27.0609 3544 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS

19:25:27.0625 3544 DLAPoolM - ok

19:25:27.0671 3544 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS

19:25:27.0671 3544 DLARTL_N - ok

19:25:27.0687 3544 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

19:25:27.0703 3544 DLAUDFAM - ok

19:25:27.0718 3544 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

19:25:27.0734 3544 DLAUDF_M - ok

19:25:27.0796 3544 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

19:25:27.0828 3544 dmboot - ok

19:25:27.0843 3544 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

19:25:27.0875 3544 dmio - ok

19:25:27.0906 3544 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

19:25:27.0906 3544 dmload - ok

19:25:27.0953 3544 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

19:25:27.0953 3544 DMusic - ok

19:25:28.0000 3544 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

19:25:28.0000 3544 dpti2o - ok

19:25:28.0031 3544 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

19:25:28.0031 3544 drmkaud - ok

19:25:28.0078 3544 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

19:25:28.0093 3544 DRVMCDB - ok

19:25:28.0093 3544 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

19:25:28.0109 3544 DRVNDDM - ok

19:25:28.0203 3544 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys

19:25:28.0218 3544 DSproct - ok

19:25:28.0296 3544 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys

19:25:28.0296 3544 E100B - ok

19:25:28.0343 3544 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys

19:25:28.0359 3544 e1express - ok

19:25:28.0468 3544 eeCtrl (96bcd90ed9235a21629effde5e941fb1) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

19:25:28.0484 3544 eeCtrl - ok

19:25:28.0531 3544 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

19:25:28.0531 3544 Fastfat - ok

19:25:28.0593 3544 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

19:25:28.0593 3544 Fdc - ok

19:25:28.0640 3544 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

19:25:28.0656 3544 Fips - ok

19:25:28.0671 3544 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

19:25:28.0687 3544 Flpydisk - ok

19:25:28.0734 3544 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

19:25:28.0734 3544 FltMgr - ok

19:25:28.0765 3544 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\WINDOWS\system32\FsUsbExDisk.SYS

19:25:28.0765 3544 FsUsbExDisk - ok

19:25:28.0781 3544 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:25:28.0796 3544 Fs_Rec - ok

19:25:28.0828 3544 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:25:28.0843 3544 Ftdisk - ok

19:25:28.0875 3544 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

19:25:28.0890 3544 GEARAspiWDM - ok

19:25:28.0906 3544 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:25:28.0921 3544 Gpc - ok

19:25:28.0953 3544 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:25:28.0953 3544 HDAudBus - ok

19:25:29.0000 3544 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:25:29.0000 3544 HidUsb - ok

19:25:29.0062 3544 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

19:25:29.0078 3544 hpn - ok

19:25:29.0125 3544 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

19:25:29.0140 3544 HPZid412 - ok

19:25:29.0171 3544 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

19:25:29.0187 3544 HPZipr12 - ok

19:25:29.0203 3544 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

19:25:29.0218 3544 HPZius12 - ok

19:25:29.0250 3544 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

19:25:29.0250 3544 HTTP - ok

19:25:29.0296 3544 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

19:25:29.0296 3544 i2omgmt - ok

19:25:29.0359 3544 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

19:25:29.0359 3544 i2omp - ok

19:25:29.0390 3544 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:25:29.0390 3544 i8042prt - ok

19:25:29.0437 3544 iaStor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\drivers\iaStor.sys

19:25:29.0437 3544 iaStor - ok

19:25:29.0500 3544 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

19:25:29.0500 3544 Imapi - ok

19:25:29.0562 3544 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

19:25:29.0578 3544 ini910u - ok

19:25:29.0656 3544 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

19:25:29.0656 3544 IntelIde - ok

19:25:29.0718 3544 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:25:29.0718 3544 intelppm - ok

19:25:29.0750 3544 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

19:25:29.0750 3544 Ip6Fw - ok

19:25:29.0781 3544 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:25:29.0781 3544 IpFilterDriver - ok

19:25:29.0843 3544 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:25:29.0859 3544 IpInIp - ok

19:25:29.0906 3544 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:25:29.0906 3544 IpNat - ok

19:25:29.0937 3544 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:25:29.0953 3544 IPSec - ok

19:25:30.0000 3544 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

19:25:30.0000 3544 IRENUM - ok

19:25:30.0046 3544 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:25:30.0062 3544 isapnp - ok

19:25:30.0093 3544 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:25:30.0109 3544 Kbdclass - ok

19:25:30.0140 3544 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:25:30.0140 3544 kbdhid - ok

19:25:30.0187 3544 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

19:25:30.0187 3544 kmixer - ok

19:25:30.0250 3544 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

19:25:30.0265 3544 KSecDD - ok

19:25:30.0312 3544 lbrtfdc - ok

19:25:30.0359 3544 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

19:25:30.0359 3544 mnmdd - ok

19:25:30.0421 3544 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

19:25:30.0421 3544 Modem - ok

19:25:30.0453 3544 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:25:30.0453 3544 Mouclass - ok

19:25:30.0500 3544 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:25:30.0515 3544 mouhid - ok

19:25:30.0531 3544 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

19:25:30.0531 3544 MountMgr - ok

19:25:30.0578 3544 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

19:25:30.0578 3544 mraid35x - ok

19:25:30.0625 3544 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:25:30.0625 3544 MRxDAV - ok

19:25:30.0671 3544 MRxSmb (bd8744badf02a28b98aaae171c42c003) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:25:30.0703 3544 MRxSmb ( Rootkit.Win32.ZAccess.g ) - infected

19:25:30.0703 3544 MRxSmb - detected Rootkit.Win32.ZAccess.g (0)

19:25:30.0718 3544 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

19:25:30.0718 3544 Msfs - ok

19:25:30.0734 3544 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:25:30.0750 3544 MSKSSRV - ok

19:25:30.0765 3544 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:25:30.0781 3544 MSPCLOCK - ok

19:25:30.0812 3544 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

19:25:30.0812 3544 MSPQM - ok

19:25:30.0875 3544 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:25:30.0875 3544 mssmbios - ok

19:25:30.0937 3544 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

19:25:30.0937 3544 MSTEE - ok

19:25:31.0125 3544 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

19:25:31.0140 3544 Mup - ok

19:25:31.0312 3544 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

19:25:31.0328 3544 NABTSFEC - ok

19:25:31.0468 3544 NAL (1e59aaed42a5e3a5ed86ec403f9c0776) C:\WINDOWS\system32\Drivers\iqvw32.sys

19:25:31.0468 3544 NAL - ok

19:25:31.0531 3544 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

19:25:31.0531 3544 NDIS - ok

19:25:31.0578 3544 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

19:25:31.0578 3544 NdisIP - ok

19:25:31.0625 3544 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:25:31.0625 3544 NdisTapi - ok

19:25:31.0640 3544 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:25:31.0656 3544 Ndisuio - ok

19:25:31.0656 3544 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:25:31.0671 3544 NdisWan - ok

19:25:31.0687 3544 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

19:25:31.0687 3544 NDProxy - ok

19:25:31.0750 3544 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

19:25:31.0765 3544 NetBIOS - ok

19:25:31.0781 3544 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

19:25:31.0796 3544 NetBT - ok

19:25:31.0812 3544 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

19:25:31.0828 3544 Npfs - ok

19:25:31.0843 3544 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

19:25:31.0859 3544 Ntfs - ok

19:25:31.0875 3544 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

19:25:31.0875 3544 Null - ok

19:25:31.0984 3544 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:25:32.0078 3544 nv - ok

19:25:32.0140 3544 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:25:32.0156 3544 NwlnkFlt - ok

19:25:32.0187 3544 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:25:32.0187 3544 NwlnkFwd - ok

19:25:32.0234 3544 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

19:25:32.0234 3544 Parport - ok

19:25:32.0265 3544 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

19:25:32.0265 3544 PartMgr - ok

19:25:32.0296 3544 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

19:25:32.0296 3544 ParVdm - ok

19:25:32.0328 3544 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

19:25:32.0328 3544 PCI - ok

19:25:32.0343 3544 PCIDump - ok

19:25:32.0359 3544 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

19:25:32.0375 3544 PCIIde - ok

19:25:32.0421 3544 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

19:25:32.0421 3544 Pcmcia - ok

19:25:32.0437 3544 PDCOMP - ok

19:25:32.0437 3544 PDFRAME - ok

19:25:32.0453 3544 PDRELI - ok

19:25:32.0453 3544 PDRFRAME - ok

19:25:32.0484 3544 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

19:25:32.0484 3544 perc2 - ok

19:25:32.0531 3544 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

19:25:32.0546 3544 perc2hib - ok

19:25:32.0609 3544 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:25:32.0609 3544 PptpMiniport - ok

19:25:32.0625 3544 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

19:25:32.0640 3544 PSched - ok

19:25:32.0656 3544 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:25:32.0656 3544 Ptilink - ok

19:25:32.0734 3544 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys

19:25:32.0750 3544 PxHelp20 - ok

19:25:32.0781 3544 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

19:25:32.0796 3544 ql1080 - ok

19:25:32.0828 3544 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

19:25:32.0828 3544 Ql10wnt - ok

19:25:32.0875 3544 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

19:25:32.0890 3544 ql12160 - ok

19:25:32.0921 3544 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

19:25:32.0937 3544 ql1240 - ok

19:25:33.0000 3544 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

19:25:33.0015 3544 ql1280 - ok

19:25:33.0062 3544 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:25:33.0062 3544 RasAcd - ok

19:25:33.0125 3544 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:25:33.0140 3544 Rasl2tp - ok

19:25:33.0171 3544 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:25:33.0171 3544 RasPppoe - ok

19:25:33.0203 3544 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

19:25:33.0203 3544 Raspti - ok

19:25:33.0265 3544 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:25:33.0281 3544 Rdbss - ok

19:25:33.0312 3544 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:25:33.0312 3544 RDPCDD - ok

19:25:33.0390 3544 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:25:33.0390 3544 rdpdr - ok

19:25:33.0406 3544 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

19:25:33.0421 3544 RDPWD - ok

19:25:33.0437 3544 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

19:25:33.0453 3544 redbook - ok

19:25:33.0500 3544 RT73 (6ea04a4370609e5e1eaeee898a2ab6ac) C:\WINDOWS\system32\DRIVERS\rt73.sys

19:25:33.0515 3544 RT73 - ok

19:25:33.0562 3544 SASKUTIL - ok

19:25:33.0640 3544 SDDMI2 (8edd7b9e4a4b4c16e2dab9188caa861b) C:\WINDOWS\system32\DDMI2.sys

19:25:33.0640 3544 SDDMI2 - ok

19:25:33.0750 3544 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:25:33.0750 3544 Secdrv - ok

19:25:33.0812 3544 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

19:25:33.0828 3544 serenum - ok

19:25:33.0875 3544 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

19:25:33.0875 3544 Serial - ok

19:25:33.0921 3544 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

19:25:33.0921 3544 Sfloppy - ok

19:25:33.0953 3544 Simbad - ok

19:25:34.0015 3544 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

19:25:34.0015 3544 sisagp - ok

19:25:34.0093 3544 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

19:25:34.0093 3544 SLIP - ok

19:25:34.0156 3544 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

19:25:34.0156 3544 Sparrow - ok

19:25:34.0203 3544 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

19:25:34.0203 3544 splitter - ok

19:25:34.0250 3544 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

19:25:34.0265 3544 sr - ok

19:25:34.0296 3544 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

19:25:34.0312 3544 Srv - ok

19:25:34.0343 3544 sscebus (b2063ce662af3ab20045121a5b716df6) C:\WINDOWS\system32\DRIVERS\sscebus.sys

19:25:34.0359 3544 sscebus - ok

19:25:34.0390 3544 sscemdfl (66799dc0afe3dcaf8368cae17394a762) C:\WINDOWS\system32\DRIVERS\sscemdfl.sys

19:25:34.0406 3544 sscemdfl - ok

19:25:34.0453 3544 sscemdm (cbf03ffc08f8db547bab2f79aa663d16) C:\WINDOWS\system32\DRIVERS\sscemdm.sys

19:25:34.0468 3544 sscemdm - ok

19:25:34.0562 3544 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys

19:25:34.0687 3544 STHDA - ok

19:25:34.0734 3544 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

19:25:34.0750 3544 streamip - ok

19:25:34.0796 3544 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

19:25:34.0796 3544 swenum - ok

19:25:34.0828 3544 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

19:25:34.0843 3544 swmidi - ok

19:25:34.0890 3544 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

19:25:34.0890 3544 symc810 - ok

19:25:34.0937 3544 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

19:25:34.0937 3544 symc8xx - ok

19:25:35.0109 3544 SYMIDSCO (d65255d470cd5103cce573cd7b5a88d2) C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20091217.001\SymIDSCo.sys

19:25:35.0125 3544 SYMIDSCO - ok

19:25:35.0187 3544 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

19:25:35.0187 3544 sym_hi - ok

19:25:35.0265 3544 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

19:25:35.0265 3544 sym_u3 - ok

19:25:35.0328 3544 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

19:25:35.0328 3544 sysaudio - ok

19:25:35.0375 3544 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:25:35.0390 3544 Tcpip - ok

19:25:35.0421 3544 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

19:25:35.0421 3544 TDPIPE - ok

19:25:35.0484 3544 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

19:25:35.0500 3544 TDTCP - ok

19:25:35.0546 3544 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

19:25:35.0546 3544 TermDD - ok

19:25:35.0640 3544 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

19:25:35.0640 3544 TosIde - ok

19:25:35.0734 3544 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

19:25:35.0750 3544 Udfs - ok

19:25:35.0906 3544 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

19:25:35.0968 3544 ultra - ok

19:25:36.0031 3544 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

19:25:36.0093 3544 Update - ok

19:25:36.0187 3544 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys

19:25:36.0203 3544 USBAAPL - ok

19:25:36.0281 3544 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:25:36.0375 3544 usbccgp - ok

19:25:36.0437 3544 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:25:36.0453 3544 usbehci - ok

19:25:36.0500 3544 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:25:36.0546 3544 usbhub - ok

19:25:36.0703 3544 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:25:36.0734 3544 usbprint - ok

19:25:36.0812 3544 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:25:36.0828 3544 usbscan - ok

19:25:36.0921 3544 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:25:36.0968 3544 USBSTOR - ok

19:25:37.0015 3544 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

19:25:37.0031 3544 usbuhci - ok

19:25:37.0062 3544 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

19:25:37.0078 3544 VgaSave - ok

19:25:37.0140 3544 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

19:25:37.0203 3544 viaagp - ok

19:25:37.0265 3544 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

19:25:37.0265 3544 ViaIde - ok

19:25:37.0359 3544 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

19:25:37.0375 3544 VolSnap - ok

19:25:37.0562 3544 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:25:37.0578 3544 Wanarp - ok

19:25:37.0609 3544 wanatw - ok

19:25:37.0656 3544 WDICA - ok

19:25:37.0703 3544 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

19:25:37.0718 3544 wdmaud - ok

19:25:37.0812 3544 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

19:25:37.0812 3544 WSTCODEC - ok

19:25:37.0843 3544 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

19:25:37.0859 3544 WudfPf - ok

19:25:37.0890 3544 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

19:25:37.0921 3544 WudfRd - ok

19:25:37.0968 3544 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0

19:25:37.0968 3544 \Device\Harddisk0\DR0 - ok

19:25:37.0984 3544 Boot (0x1200) (446909544fa7f4bc0599ea7ac2c04c33) \Device\Harddisk0\DR0\Partition0

19:25:37.0984 3544 \Device\Harddisk0\DR0\Partition0 - ok

19:25:37.0984 3544 ============================================================

19:25:37.0984 3544 Scan finished

19:25:37.0984 3544 ============================================================

19:25:38.0000 3200 Detected object count: 2

19:25:38.0000 3200 Actual detected object count: 2

19:26:18.0812 3200 26031e15 ( HiddenFile.Multi.Generic ) - skipped by user

19:26:18.0812 3200 26031e15 ( HiddenFile.Multi.Generic ) - User select action: Skip

19:26:18.0937 3200 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\mrxsmb.sys) error 1813

19:26:19.0562 3200 Backup copy found, using it..

19:26:19.0609 3200 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - will be cured on reboot

19:26:19.0609 3200 MRxSmb ( Rootkit.Win32.ZAccess.g ) - User select action: Cure

19:26:37.0625 2296 Deinitialize success

And here's the DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Joseph Andrew Fox at 19:29:52 on 2011-09-27

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.378 [GMT -7:00]

.

AV: AVG 7.5.560 *Enabled/Outdated* {41564737-3200-1071-989B-0000E87B4FB1}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\354288422:3657228778.exe

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\stsystra.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Dell Support\DSAgnt.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\program files\valve\steam\steam.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files\Dell Support Center\gs_agent\dsc.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\FsUsbExService.Exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3007394

uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us

uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us

uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070622

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: WhiteSmoke Bar Toolbar: {167d9323-f7cc-48f5-948a-6f012831a69f} - c:\program files\whitesmoke_bar\prxtbWhit.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: WhiteSmoke Bar Toolbar: {167d9323-f7cc-48f5-948a-6f012831a69f} - c:\program files\whitesmoke_bar\prxtbWhit.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: WhiteSmoke Bar Toolbar: {167d9323-f7cc-48f5-948a-6f012831a69f} - c:\program files\whitesmoke_bar\prxtbWhit.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [steam] "c:\program files\valve\steam\steam.exe" -silent

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [NPSStartup]

mRun: [AVG7_CC] c:\progra~1\grisoft\avg7\avgcc.exe /STARTUP

dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE

StartupFolder: c:\docume~1\joseph~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\driver~1.lnk - c:\documents and settings\joseph andrew fox\my documents\downloads\DriverPerformer_V15.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL

IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

LSP: mswsock.dll

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - hxxp://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://2007webmail.chw.edu/OWA/MWScripts/AttachView/1.5/DAX.cab

TCP: DhcpNameServer = 68.87.69.150 68.87.85.102

TCP: Interfaces\{59511AB0-B3C2-4EBE-9DD4-772ED6F9EBAA} : DhcpNameServer = 68.87.69.150 68.87.85.102

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: dimsntfy32 - dimsntfy32.dll

Notify: mdhcp32 - mdhcp32.dll

AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\joseph andrew fox\application data\mozilla\firefox\profiles\uy4qk0fq.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z030&form=ZGAADF&q=

FF - prefs.js: network.proxy.type - 4

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2011-9-19 821856]

R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2011-9-19 4224]

R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2011-9-19 27776]

R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2011-9-19 10760]

R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe [2011-9-19 420864]

R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe [2011-9-19 51712]

R2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe [2011-9-19 408576]

R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2011-9-19 4960]

R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-5-22 238952]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-5-22 36608]

S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-11 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-11 135664]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2011-5-22 98560]

S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2011-5-22 14848]

S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2011-5-22 123648]

.

=============== Created Last 30 ================

.

2011-09-28 02:27:35 48016 --sha-w- c:\windows\system32\c_40324.nl_

2011-09-27 02:37:32 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\Superfish

2011-09-22 04:46:18 -------- d-----w- c:\program files\ESET

2011-09-22 04:30:33 -------- d-----w- c:\program files\Conduit

2011-09-22 04:30:31 -------- d-----w- c:\documents and settings\joseph andrew fox\local settings\application data\WhiteSmoke_Bar

2011-09-22 04:30:30 -------- d-----w- c:\documents and settings\joseph andrew fox\local settings\application data\Conduit

2011-09-22 04:30:29 -------- d-----w- c:\program files\WhiteSmoke_Bar

2011-09-22 04:29:56 -------- d-----w- c:\program files\Quick Web Player

2011-09-22 00:17:52 -------- d-----w- c:\program files\New Folder

2011-09-22 00:13:22 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-09-20 01:16:41 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-09-20 01:16:41 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\SUPERAntiSpyware.com

2011-09-20 01:13:04 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\AVG7

2011-09-20 01:12:04 -------- d-----w- c:\documents and settings\all users\application data\Grisoft

2011-09-19 21:42:37 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-09-19 21:42:33 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-19 21:42:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-18 07:14:13 297038 ----a-w- c:\windows\system32\shimg.dll

2011-09-18 07:14:09 49152 ----a-w- c:\windows\system32\mdhcp32.dll

2011-09-18 07:14:07 135680 ----a-w- c:\windows\system32\dimsntfy32.dll

2011-09-09 19:17:55 -------- d-----w- c:\program files\Pitfall - The Mayan Adventure

.

==================== Find3M ====================

.

2011-09-28 02:27:15 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-09-09 18:17:12 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-09-09 18:15:26 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-09-09 18:15:26 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2007-08-08 03:16:19 3261688 -c--a-w- c:\program files\Steam.dll

2007-08-08 03:16:19 1039192 -c--a-w- c:\program files\dbghelp.dll

.

============= FINISH: 19:30:53.96 ===============

And my computer, every day, prompts me to install some sort of security device and the Install Wizard appears to keep finding something to install, which I do no allow anyways.

[screen317]

Hi,

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

• When the tool is finished, it will produce a report for you.
  
• Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

[JoeNeedsHelpBad]

I can download ComboFix, and it'll run all the way to step 50, but then I get bluescreened for something I can't remember the name of, has to do with drivers. So I reinstalled, declined the update, all caused blue screen... It's getting worse

[screen317]

Hi,

Delete your copy of ComboFix. Grab a fresh copy and save it to your Desktop, but do not run it yet. Before you download it, rename it to sega.com

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Click Start --> Run, and enter this command exactly as shown:

"%userprofile%\desktop\sega.com" /killall /nombr

See if it will run successfully now. Stop it after half an hour of no activity.

[JoeNeedsHelpBad]

I renamed it to "Sega.com", I type in "%userprofile%\desktop\sega.com" /killall /nombr to no effect. It says it cannot find it. I even tried switching "userprofile" to my profiles name. Didnt work.

[screen317]

Try Sega.com.exe instead; I believe it wasn't named correctly.

[JoeNeedsHelpBad]

It worked!

For future reference, I had to type in "%userprofile%\desktop\sega.com.exe" /killall /nombr after I saved Combo-fix as Sega.com.exe. I'm not sure which one you were telling me to rename so I did both.

Here's the Combo-Fix log:

ComboFix 11-10-10.04 - Joseph Andrew Fox 10/10/2011 16:21:00.6.2 - x86 MINIMAL

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.688 [GMT -7:00]

Running from: c:\documents and settings\Joseph Andrew Fox\desktop\sega.com.exe

Command switches used :: /killall /nombr

AV: AVG 7.5.560 *Enabled/Outdated* {41564737-3200-1071-989B-0000E87B4FB1}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Joseph Andrew Fox\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat

c:\documents and settings\Joseph Andrew Fox\Recent\Thumbs.db

c:\program files\Search Toolbar

c:\program files\Search Toolbar\icon.ico

c:\program files\Search Toolbar\SearchToolbar.dll

c:\program files\Search Toolbar\SearchToolbarUninstall.exe

c:\program files\Search Toolbar\SearchToolbarUpdater.exe

c:\windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}

c:\windows\system32\AutoRun.inf

c:\windows\system32\crt.dat

c:\windows\system32\dimsntfy32.dll

c:\windows\system32\mdhcp32.dll

c:\windows\system32\shimg.dll

.

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . . . is infected!!

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe . . . was deleted!! You should re-install the program it pertains to

.

Infected copy of c:\windows\system32\Ati2evxx.exe was found and disinfected

Restored copy from - c:\i386\ati2evxx.exe

.

c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe . . . is infected!!

c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\Bonjour\mDNSResponder.exe . . . is infected!!

c:\program files\Bonjour\mDNSResponder.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\windows\system32\FsUsbExService.Exe . . . is infected!!

c:\windows\system32\FsUsbExService.Exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\Google\Update\GoogleUpdate.exe . . . is infected!!

c:\program files\Google\Update\GoogleUpdate.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe . . . is infected!!

c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe . . . is infected!!

c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\iPod\bin\iPodService.exe . . . is infected!!

c:\program files\iPod\bin\iPodService.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe . . . is infected!!

c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE . . . is infected!!

c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE . . . was deleted!! You should re-install the program it pertains to

.

c:\windows\system32\PnkBstrA.exe . . . is infected!!

c:\windows\system32\PnkBstrA.exe . . . was deleted!! You should re-install the program it pertains to

.

c:\program files\Dell Support Center\bin\sprtsvc.exe . . . is infected!!

c:\program files\Dell Support Center\bin\sprtsvc.exe . . . was deleted!! You should re-install the program it pertains to

.

.

((((((((((((((((((((((((( Files Created from 2011-09-10 to 2011-10-10 )))))))))))))))))))))))))))))))

.

.

2011-10-02 19:33 . 2011-10-10 23:17 -------- d-----w- C:\ComboFix

2011-10-01 04:51 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys

2011-10-01 04:50 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

2011-09-30 23:36 . 2011-09-30 23:36 -------- d-----w- c:\documents and settings\Administrator

2011-09-28 02:27 . 2011-09-28 02:27 48016 --sha-w- c:\windows\system32\c_40324.nl_

2011-09-27 02:37 . 2011-09-27 02:37 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Application Data\Superfish

2011-09-22 04:46 . 2011-09-22 04:46 -------- d-----w- c:\program files\ESET

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\program files\Conduit

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Local Settings\Application Data\WhiteSmoke_Bar

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Local Settings\Application Data\Conduit

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\program files\WhiteSmoke_Bar

2011-09-22 04:29 . 2011-09-22 04:30 -------- d-----w- c:\program files\Quick Web Player

2011-09-22 00:17 . 2011-09-22 00:18 -------- d-----w- c:\program files\New Folder

2011-09-22 00:13 . 2011-09-22 00:13 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2011-09-20 01:16 . 2011-09-22 17:37 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-09-20 01:16 . 2011-09-20 01:16 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Application Data\SUPERAntiSpyware.com

2011-09-20 01:13 . 2011-09-23 17:35 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Application Data\AVG7

2011-09-20 01:12 . 2011-09-20 01:12 4960 ----a-w- c:\windows\system32\drivers\avgtdi.sys

2011-09-20 01:12 . 2011-09-20 01:12 4224 ----a-w- c:\windows\system32\drivers\avg7rsw.sys

2011-09-20 01:12 . 2011-09-20 01:12 27776 ----a-w- c:\windows\system32\drivers\avg7rsxp.sys

2011-09-20 01:12 . 2011-09-20 01:12 26952 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2011-09-20 01:12 . 2011-09-20 01:12 10760 ----a-w- c:\windows\system32\drivers\avgclean.sys

2011-09-20 01:12 . 2011-09-20 01:12 821856 ----a-w- c:\windows\system32\drivers\avg7core.sys

2011-09-20 01:12 . 2011-09-22 00:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Grisoft

2011-09-19 21:42 . 2011-09-28 03:51 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-09-19 21:42 . 2011-09-22 05:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-19 21:42 . 2011-09-01 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-09-09 18:17 . 2007-10-06 19:11 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-09-09 18:15 . 2009-05-18 00:04 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-09-09 18:15 . 2007-09-30 03:19 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-09-09 09:12 . 2004-08-10 17:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-07-15 13:29 . 2004-08-10 17:51 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2007-08-08 03:16 . 2007-08-08 03:16 3261688 -c--a-w- c:\program files\Steam.dll

2007-08-08 03:16 . 2007-08-08 03:16 1039192 -c--a-w- c:\program files\dbghelp.dll

2011-09-03 06:01 . 2011-05-09 20:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]

"Steam"="c:\program files\valve\steam\steam.exe" [2011-08-01 1242448]

"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-05 95576]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-01-05 2002160]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]

"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-06-22 169984]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-05-17 273544]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2011-09-20 219136]

.

c:\documents and settings\Joseph Andrew Fox\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

Driver performer.lnk - c:\documents and settings\Joseph Andrew Fox\My Documents\Downloads\DriverPerformer_V15.exe [N/A]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\REACTOR.exe"=

"c:\\Program Files\\Xfire\\Xfire.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\ijjiOptimizer.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\SoulseekNS\\slsk.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Valve\\Steam\\SteamApps\\omegablack\\counter-strike source\\hl2.exe"=

.

S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe --> c:\windows\system32\FsUsbExService.Exe [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [5/22/2011 8:25 PM 36608]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe /medsvc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [5/22/2011 8:26 PM 98560]

S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [5/22/2011 8:26 PM 14848]

S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [5/22/2011 8:26 PM 123648]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-09 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 00:57]

.

2011-10-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2051622172-96914403-4112823165-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

2011-10-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2051622172-96914403-4112823165-1007.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

2011-10-08 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2051622172-96914403-4112823165-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

2011-09-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2051622172-96914403-4112823165-1007.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3007394

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\Superfish\Window Shopper\SuperfishIEAddon.dll

TCP: DhcpNameServer = 68.87.69.150 68.87.85.102

DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://2007webmail.chw.edu/OWA/MWScripts/AttachView/1.5/DAX.cab

FF - ProfilePath - c:\documents and settings\Joseph Andrew Fox\Application Data\Mozilla\Firefox\Profiles\uy4qk0fq.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z030&form=ZGAADF&q=

FF - prefs.js: network.proxy.type - 4

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

HKLM-Run-NPSStartup - (no file)

HKLM-Run-AVG7_CC - c:\progra~1\Grisoft\AVG7\avgcc.exe

Notify-dimsntfy32 - dimsntfy32.dll

SafeBoot-46281600.sys

SafeBoot-mcmscsvc

SafeBoot-MCODS

AddRemove-AVG7Uninstall - c:\program files\Grisoft\AVG7\setup.exe

AddRemove-Search Toolbar - c:\program files\Search Toolbar\SearchToolbarUninstall.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe

AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe

AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe

AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe

AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe

AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-10-10 16:30

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

.

c:\windows\354288422:3657228778.exe 816 bytes executable

.

scan completed successfully

hidden files: 1

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2704)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\stsystra.exe

c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe

c:\program files\Google\Google Desktop Search\GoogleDesktopDisplay.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

.

**************************************************************************

.

Completion time: 2011-10-10 16:38:33 - machine was rebooted

ComboFix-quarantined-files.txt 2011-10-10 23:38

.

Pre-Run: 94,182,060,032 bytes free

Post-Run: 93,173,518,336 bytes free

.

- - End Of File - - 38ECCC6D00169484D08067A1D4038275

Here's the DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Joseph Andrew Fox at 16:41:04 on 2011-10-10

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.563 [GMT -7:00]

.

AV: AVG 7.5.560 *Enabled/Outdated* {41564737-3200-1071-989B-0000E87B4FB1}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\stsystra.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Dell Support\DSAgnt.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\program files\valve\steam\steam.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3007394

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [steam] "c:\program files\valve\steam\steam.exe" -silent

uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE

StartupFolder: c:\docume~1\joseph~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\driver~1.lnk - c:\documents and settings\joseph andrew fox\my documents\downloads\DriverPerformer_V15.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL

IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - hxxp://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://2007webmail.chw.edu/OWA/MWScripts/AttachView/1.5/DAX.cab

TCP: DhcpNameServer = 68.87.69.150 68.87.85.102

TCP: Interfaces\{59511AB0-B3C2-4EBE-9DD4-772ED6F9EBAA} : DhcpNameServer = 68.87.69.150 68.87.85.102

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\joseph andrew fox\application data\mozilla\firefox\profiles\uy4qk0fq.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z030&form=ZGAADF&q=

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2011-9-19 821856]

R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2011-9-19 4224]

R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2011-9-19 10760]

R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2011-9-19 4960]

S1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2011-9-19 27776]

S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]

S2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe --> c:\progra~1\grisoft\avg7\avgamsvr.exe [?]

S2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe --> c:\progra~1\grisoft\avg7\avgupsvc.exe [?]

S2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe --> c:\progra~1\grisoft\avg7\avgemc.exe [?]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\fsusbexservice.exe --> c:\windows\system32\FsUsbExService.Exe [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\googleupdate.exe /svc --> c:\program files\google\update\GoogleUpdate.exe [?]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-5-22 36608]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\googleupdate.exe /medsvc --> c:\program files\google\update\GoogleUpdate.exe [?]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2011-5-22 98560]

S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2011-5-22 14848]

S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2011-5-22 123648]

.

=============== Created Last 30 ================

.

2011-10-10 23:17:46 98816 ----a-w- c:\windows\sed.exe

2011-10-10 23:17:46 518144 ----a-w- c:\windows\SWREG.exe

2011-10-10 23:17:46 256000 ----a-w- c:\windows\PEV.exe

2011-10-10 23:17:46 208896 ----a-w- c:\windows\MBR.exe

2011-10-10 23:17:38 -------- d-----w- C:\Sega.com

2011-10-02 19:33:15 -------- d-----w- C:\ComboFix

2011-10-01 04:51:24 105472 ------w- c:\windows\system32\dllcache\mup.sys

2011-10-01 04:50:39 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

2011-10-01 00:01:58 -------- d-sha-r- C:\cmdcons

2011-09-28 02:27:35 48016 --sha-w- c:\windows\system32\c_40324.nl_

2011-09-27 02:37:32 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\Superfish

2011-09-22 04:46:18 -------- d-----w- c:\program files\ESET

2011-09-22 04:30:33 -------- d-----w- c:\program files\Conduit

2011-09-22 04:30:31 -------- d-----w- c:\documents and settings\joseph andrew fox\local settings\application data\WhiteSmoke_Bar

2011-09-22 04:30:30 -------- d-----w- c:\documents and settings\joseph andrew fox\local settings\application data\Conduit

2011-09-22 04:30:29 -------- d-----w- c:\program files\WhiteSmoke_Bar

2011-09-22 04:29:56 -------- d-----w- c:\program files\Quick Web Player

2011-09-22 00:17:52 -------- d-----w- c:\program files\New Folder

2011-09-22 00:13:22 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-09-20 01:16:41 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-09-20 01:16:41 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\SUPERAntiSpyware.com

2011-09-20 01:13:04 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\AVG7

2011-09-20 01:12:04 -------- d-----w- c:\documents and settings\all users\application data\Grisoft

2011-09-19 21:42:37 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-09-19 21:42:33 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-19 21:42:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2011-09-09 18:17:12 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-09-09 18:15:26 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-09-09 18:15:26 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2007-08-08 03:16:19 3261688 -c--a-w- c:\program files\Steam.dll

2007-08-08 03:16:19 1039192 -c--a-w- c:\program files\dbghelp.dll

.

============= FINISH: 16:41:18.75 ===============

[screen317]

Hi,

Note that the antivirus on your computer, AVG7, is outdated and has been replaced by AVG 2012--

I recommend uninstalling AVG7 and replacing it with either:

AVG 2012, or:

Microsoft Security Essentials (what I use)

AntiVir

avast!.

Update MBAM, run a Quick Scan, and post its log.

Did you see the messages in the ComboFix log about having to reinstall some programs?

Grab a fresh copy of ComboFix, run it, and post its log. Also post a fresh DDS log.

Give an update as to how things are running now.

[JoeNeedsHelpBad]

Malware didn't find anything. But here's the log:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7948

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/14/2011 12:16:33 PM

mbam-log-2011-10-14 (12-16-33).txt

Scan type: Quick scan

Objects scanned: 237939

Time elapsed: 15 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Here's the new Combofix log:

ComboFix 11-10-14.03 - Joseph Andrew Fox 10/14/2011 12:20:52.7.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.343 [GMT -7:00]

Running from: c:\documents and settings\Joseph Andrew Fox\Desktop\ComboFix.exe

AV: AVG 7.5.560 *Enabled/Outdated* {41564737-3200-1071-989B-0000E87B4FB1}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Benjamin Dale Fox\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat

c:\windows\system32\

.

.

((((((((((((((((((((((((( Files Created from 2011-09-14 to 2011-10-14 )))))))))))))))))))))))))))))))

.

.

2011-10-10 23:17 . 2011-10-10 23:38 -------- d-----w- C:\Sega.com

2011-10-01 04:51 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys

2011-10-01 04:50 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

2011-09-30 23:36 . 2011-09-30 23:36 -------- d-----w- c:\documents and settings\Administrator

2011-09-28 02:27 . 2011-09-28 02:27 48016 --sha-w- c:\windows\system32\c_40324.nl_

2011-09-27 02:37 . 2011-09-27 02:37 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Application Data\Superfish

2011-09-26 18:41 . 2011-09-26 18:41 220160 ------w- c:\windows\system32\dllcache\oleacc.dll

2011-09-26 18:41 . 2011-09-26 18:41 20480 ------w- c:\windows\system32\dllcache\oleaccrc.dll

2011-09-22 04:46 . 2011-09-22 04:46 -------- d-----w- c:\program files\ESET

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\program files\Conduit

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Local Settings\Application Data\WhiteSmoke_Bar

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\documents and settings\Joseph Andrew Fox\Local Settings\Application Data\Conduit

2011-09-22 04:30 . 2011-09-22 04:30 -------- d-----w- c:\program files\WhiteSmoke_Bar

2011-09-22 04:29 . 2011-09-22 04:30 -------- d-----w- c:\program files\Quick Web Player

2011-09-22 00:17 . 2011-09-22 00:18 -------- d-----w- c:\program files\New Folder

2011-09-19 21:42 . 2011-09-22 05:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-09-19 21:42 . 2011-09-01 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-09-26 18:41 . 2008-07-30 02:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 18:41 . 2004-08-10 17:51 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 18:41 . 2004-08-10 17:51 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-09 18:17 . 2007-10-06 19:11 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-09-09 18:15 . 2009-05-18 00:04 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-09-09 18:15 . 2007-09-30 03:19 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-09-09 09:12 . 2004-08-10 17:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 13:20 . 2004-08-10 17:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-22 23:48 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec

2011-08-17 13:49 . 2004-08-10 17:50 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2007-08-08 03:16 . 2007-08-08 03:16 3261688 -c--a-w- c:\program files\Steam.dll

2007-08-08 03:16 . 2007-08-08 03:16 1039192 -c--a-w- c:\program files\dbghelp.dll

2011-10-11 02:36 . 2011-05-09 20:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-29 395776]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]

"Steam"="c:\program files\valve\steam\steam.exe" [2011-08-01 1242448]

"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-05 95576]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-01-05 2002160]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]

"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-06-22 169984]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-05-17 273544]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2011-09-20 219136]

.

c:\documents and settings\Benjamin Dale Fox\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\Lisa Fox\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\Joseph Andrew Fox\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

Driver performer.lnk - c:\documents and settings\Joseph Andrew Fox\My Documents\Downloads\DriverPerformer_V15.exe [N/A]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\REACTOR.exe"=

"c:\\Program Files\\Xfire\\Xfire.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\ijjiOptimizer.exe"=

"c:\\Program Files\\SoulseekNS\\slsk.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Valve\\Steam\\SteamApps\\omegablack\\counter-strike source\\hl2.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe --> c:\windows\system32\FsUsbExService.Exe [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [5/22/2011 8:25 PM 36608]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe /medsvc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [5/22/2011 8:26 PM 98560]

S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [5/22/2011 8:26 PM 14848]

S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [5/22/2011 8:26 PM 123648]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-09 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 00:57]

.

2011-10-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2051622172-96914403-4112823165-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

2011-10-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2051622172-96914403-4112823165-1007.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

2011-10-08 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2051622172-96914403-4112823165-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

2011-10-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2051622172-96914403-4112823165-1007.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 17:47]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3007394

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000

IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\Superfish\Window Shopper\SuperfishIEAddon.dll

TCP: DhcpNameServer = 68.87.69.150 68.87.85.102

DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://2007webmail.chw.edu/OWA/MWScripts/AttachView/1.5/DAX.cab

FF - ProfilePath - c:\documents and settings\Joseph Andrew Fox\Application Data\Mozilla\Firefox\Profiles\uy4qk0fq.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z030&form=ZGAADF&q=

FF - prefs.js: network.proxy.type - 4

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-10-14 12:30

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

.

c:\windows\354288422:3657228778.exe 816 bytes executable

.

scan completed successfully

hidden files: 1

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

Completion time: 2011-10-14 12:40:15

ComboFix-quarantined-files.txt 2011-10-14 19:40

ComboFix2.txt 2011-10-10 23:38

.

Pre-Run: 93,640,142,848 bytes free

Post-Run: 93,902,245,888 bytes free

.

- - End Of File - - C2B0D36ABCEC76FEB1F77681FFACD3B5

And here's the DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Joseph Andrew Fox at 12:42:01 on 2011-10-14

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.443 [GMT -7:00]

.

AV: AVG 7.5.560 *Enabled/Outdated* {41564737-3200-1071-989B-0000E87B4FB1}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Dell Support\DSAgnt.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

svchost.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3007394

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [steam] "c:\program files\valve\steam\steam.exe" -silent

uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE

StartupFolder: c:\docume~1\joseph~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\driver~1.lnk - c:\documents and settings\joseph andrew fox\my documents\downloads\DriverPerformer_V15.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL

IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} - hxxp://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://2007webmail.chw.edu/OWA/MWScripts/AttachView/1.5/DAX.cab

TCP: DhcpNameServer = 68.87.69.150 68.87.85.102

TCP: Interfaces\{59511AB0-B3C2-4EBE-9DD4-772ED6F9EBAA} : DhcpNameServer = 68.87.69.150 68.87.85.102

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\joseph andrew fox\application data\mozilla\firefox\profiles\uy4qk0fq.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z030&form=ZGAADF&q=

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2011-9-19 821856]

R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2011-9-19 4224]

R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2011-9-19 10760]

R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2011-9-19 4960]

S1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2011-9-19 27776]

S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]

S2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe --> c:\progra~1\grisoft\avg7\avgamsvr.exe [?]

S2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe --> c:\progra~1\grisoft\avg7\avgupsvc.exe [?]

S2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe --> c:\progra~1\grisoft\avg7\avgemc.exe [?]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\fsusbexservice.exe --> c:\windows\system32\FsUsbExService.Exe [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\googleupdate.exe /svc --> c:\program files\google\update\GoogleUpdate.exe [?]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-5-22 36608]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\googleupdate.exe /medsvc --> c:\program files\google\update\GoogleUpdate.exe [?]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2011-5-22 98560]

S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2011-5-22 14848]

S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2011-5-22 123648]

.

=============== Created Last 30 ================

.

2011-10-14 19:18:11 98816 ----a-w- c:\windows\sed.exe

2011-10-14 19:18:11 518144 ----a-w- c:\windows\SWREG.exe

2011-10-14 19:18:11 256000 ----a-w- c:\windows\PEV.exe

2011-10-14 19:18:11 208896 ----a-w- c:\windows\MBR.exe

2011-10-14 19:02:55 -------- d-----w- C:\Sega.com11970S

2011-10-10 23:17:38 -------- d-----w- C:\Sega.com

2011-10-01 04:51:24 105472 ------w- c:\windows\system32\dllcache\mup.sys

2011-10-01 04:50:39 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

2011-10-01 00:01:58 -------- d-sha-r- C:\cmdcons

2011-09-28 02:27:35 48016 --sha-w- c:\windows\system32\c_40324.nl_

2011-09-27 02:37:32 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\Superfish

2011-09-26 18:41:20 220160 ------w- c:\windows\system32\dllcache\oleacc.dll

2011-09-26 18:41:14 20480 ------w- c:\windows\system32\dllcache\oleaccrc.dll

2011-09-22 04:46:18 -------- d-----w- c:\program files\ESET

2011-09-22 04:30:33 -------- d-----w- c:\program files\Conduit

2011-09-22 04:30:31 -------- d-----w- c:\documents and settings\joseph andrew fox\local settings\application data\WhiteSmoke_Bar

2011-09-22 04:30:30 -------- d-----w- c:\documents and settings\joseph andrew fox\local settings\application data\Conduit

2011-09-22 04:30:29 -------- d-----w- c:\program files\WhiteSmoke_Bar

2011-09-22 04:29:56 -------- d-----w- c:\program files\Quick Web Player

2011-09-22 00:17:52 -------- d-----w- c:\program files\New Folder

2011-09-22 00:13:22 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-09-20 01:16:41 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-09-20 01:16:41 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\SUPERAntiSpyware.com

2011-09-20 01:13:04 -------- d-----w- c:\documents and settings\joseph andrew fox\application data\AVG7

2011-09-20 01:12:04 -------- d-----w- c:\documents and settings\all users\application data\Grisoft

2011-09-19 21:42:33 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-09-19 21:42:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-09 18:17:12 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-09-09 18:15:26 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-09-09 18:15:26 234536 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2007-08-08 03:16:19 3261688 -c--a-w- c:\program files\Steam.dll

2007-08-08 03:16:19 1039192 -c--a-w- c:\program files\dbghelp.dll

.

============= FINISH: 12:42:15.78 ===============

[JoeNeedsHelpBad]

So I can run Malwarebytes which is good. I know AVG is outdated. But it is also broken. I cant remove it or download a new one. (By the way I'm using oldversion to get it). When I try and download a new one it says there's an error and the detes on it says this:

Local machine: installation failed

Initialization:

Error: Checking of state of the item file avgw.exe failed.

File opening failed. %FILE% = "C:\Program Files\Grisoft\AVG7\avgw.exe"

Permission denied

I am also denied permission to delete a broken combofix file on my desktop. Like the AVG file in my start program, it shows the generic blank exe logo.

I don't know if the afore-mentioned files in my C: drive were problematic, but five of the six are still there. The only one having been removed was the false "My Computer" file.

And no I didn't see that info in the Combofix log? I must not be able to read it correctly.

One last thing. When combofix says it deletes files, they're gone for good right? Cause it deleted my punkbuster for BF2, and was wondering if I should reinstall.

And thanks again! I'm so happy I can run Malwarebytes!

[screen317]

Hi,

Use AVG's removal tool:

http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x86_2012_1796.exe

Reboot.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

1. Tick the box next to YES, I accept the Terms of Use.
   
2. Click Start
   
3. When asked, allow the ActiveX control to install
   
4. Click Start
   
5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
   
6. Click Scan
   Wait for the scan to finish
   
7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
   
8. Copy and paste that log as a reply to this topic
   

Next, download my Security Check from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

Let me know how things are running now and what issues remain.

-screen317

[JoeNeedsHelpBad]

AVG Remover didn't work. I can still find the broken AVG file in my start menu. The logs is WAAAAYYY too long to post or possibly interpret.

There's a lot of "debug failed to delete key" and "DEBUG Missing ParentDir path for fileItem number #"

And ESET didn't work when I ran it with Internet Explorer! After I accepted terms, all I got was a red X in the corner....

[screen317]

What happens when you right click the AVG folder in the Start Menu and click Delete?

Try this scanner instead:

Next, please use the Internet Explorer browser and click here to use the F-Secure Online Scanner.

• Click Start Scanning.
  
• You should get a notification bar (on top) to install the ActiveX control.
  
• Click on it and select to install the ActiveX.
  
• Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
  
• In case you are having problems with installing the ActiveX/starting the scan, please read here.
  
• Click the Full System Scan button.
  
• It will start to download scanner components and databases. This can take a while.
  
• The main scan will start.
  
• Once the scan has finished scanning, click the Automatic cleaning (recommended) button
  
• It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
  
• The cleaning can take a while, so please be patient.
  
• Then click the Show report button and Copy/Paste what is present under results in your next reply.
  

Next, download my Security Check from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

Let me know how things are running now and what issues remain.

-screen317

[JoeNeedsHelpBad]

When I right click and delete, it deletes. But its still in the Program Files. I cant use that Scanner either. All I get is a blank box with an option to click the down arrow to see other options, which are blank. With a blank check mark box. Are there any scanners I can use Mozilla for?

[screen317]

Hi,

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

• Double-click SystemLook.exe to run it.
  
• Copy the content of the following codebox into the main textfield:
  

  :regfind
  AVG
  :filefind
  AVG
  :folderfind
  AVG
  

  
  

• Click the Look button to start the scan.
  
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  

Note: The log can also be found on your Desktop entitled SystemLook.txt

Try this scanner instead:

Next, please use the Internet Explorer browser and click here to use the F-Secure Online Scanner.

• Click Start Scanning.
  
• You should get a notification bar (on top) to install the ActiveX control.
  
• Click on it and select to install the ActiveX.
  
• Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
  
• In case you are having problems with installing the ActiveX/starting the scan, please read here.
  
• Click the Full System Scan button.
  
• It will start to download scanner components and databases. This can take a while.
  
• The main scan will start.
  
• Once the scan has finished scanning, click the Automatic cleaning (recommended) button
  
• It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
  
• The cleaning can take a while, so please be patient.
  
• Then click the Show report button and Copy/Paste what is present under results in your next reply.
  

Next, download my Security Check from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

Let me know how things are running now and what issues remain.

-screen317

[JoeNeedsHelpBad]

It seems to be far too long to post.

Didn't find a file nor folder though. I couldn't understand the first part.

And I don't know if you know you sent me to the same scanner. I still can't use it. I get a blank box to try and use...

Thanks again for being so patient with this.

[screen317]

Hi,

Please zip up and attach the report from SystemLook.

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[JoeNeedsHelpBad]

Sorry it's taken so long to get back to this. I haven't had much access to my computer. Okay since it's so long I'm going to break it up.

========== regfind ==========

Searching for "AVG"

[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\AVGeneral]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgAPI]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgCC]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgFree]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgInet]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgUpgrader]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgVV]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\upg]

"cfg.SetupFile"="C:\Documents and Settings\Joseph Andrew Fox\My Documents\Downloads\avg75487.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"a"="C:\Documents and Settings\Joseph Andrew Fox\My Documents\Downloads\avg75487.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"d"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\7.5_519a_avg75free_519a1276.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"h"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\avg_remover_stf_x86_2012_1796.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG7 Shell Extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin]

@="AVG Alert Manager Internal Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin\CurVer]

@="AMPInt.AvgAmInternalPlugin.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin.7]

@="AVG Alert Manager Internal Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgamsvr.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgemc.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgupsvc.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgvault.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3C9EFEA1-8D1A-11D5-989F-0000E87B4FB1}]

@="avgemc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3C9EFEA1-8D1A-11D5-989F-0000E87B4FB1}]

"LocalService"="AVGEMS"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{41564737-3200-1076-989B-0000E87B4FB1}]

@="avgvault"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{833EE712-3BB4-4DFB-8ACE-4686829895B7}]

@="avgupsvc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{833EE712-3BB4-4DFB-8ACE-4686829895B7}]

"LocalService"="Avg7UpdSvc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A434D6BB-090E-4DF6-8B03-AA04A6F58804}]

@="avgamsvr"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A434D6BB-090E-4DF6-8B03-AA04A6F58804}]

"LocalService"="Avg7Alrt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager]

@="AVG Alert Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager\CurVer]

@="AVG.AvgAmAlertManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager.7]

@="AVG Alert Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig]

@="AVG Alert Manager Plugin Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig\CurVer]

@="AVG.AvgAmAlertManagerPluginValuesConfig.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig.7]

@="AVG Alert Manager Plugin Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent]

@="AVG Alert Manager Event Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent\CurVer]

@="AVG.AvgAmEvent.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent.7]

@="AVG Alert Manager Event Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui]

@="Avg Alert Manager Internal Plugin Config Gui Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui\CurVer]

@="AVG.AvgAmInternalPluginConfigGui.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui.7]

@="Avg Alert Manager Internal Plugin Config Gui Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule]

@="AVG Alert Manager Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule\CurVer]

@="AVG.AvgAmRule.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule.7]

@="AVG Alert Manager Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig]

@="Avg Alert Manager UI Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig\CurVer]

@="AVG.AvgAmUIPluginValuesConfig.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig.7]

@="Avg Alert Manager UI Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule]

@="Avg Alert Manager UI Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule\CurVer]

@="AVG.AvgAmUIRule.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule.7]

@="Avg Alert Manager UI Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin]

@="Avg Control Center Alert Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin\CurVer]

@="AVG.AvgCCAlertManagerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin.1]

@="Avg Control Center Alert Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin]

@="Avg Control Center Email Scanner Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin\CurVer]

@="AVG.AvgCCEmailScannerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin.1]

@="Avg Control Center Email Scanner Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin]

@="Avg Control Center License Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin\CurVer]

@="AVG.AvgCCLicensePlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin.1]

@="Avg Control Center License Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin]

@="Avg Control Center Remote Communication Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin\CurVer]

@="AVG.AvgCCRemoteCommunicationPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin.1]

@="Avg Control Center Remote Communication Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin]

@="Avg Control Center Resident Shield Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin\CurVer]

@="AVG.AvgCCResidentShieldPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin.1]

@="Avg Control Center Resident Shield Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin]

@="Avg Control Center Scheduler Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin\CurVer]

@="AVG.AvgCCSchedulerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin.1]

@="Avg Control Center Scheduler Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin]

@="Avg Control Center Shell Extension Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin\CurVer]

@="AVG.AvgCCShellExtensionPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin.1]

@="Avg Control Center Shell Extension Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin]

@="Avg Control Center Update Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin\CurVer]

@="AVG.AvgCCUpdateManagerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin.1]

@="Avg Control Center Update Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin]

@="Avg Control Center Virus Database Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin\CurVer]

@="AVG.AvgCCVirusDatabasePlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin.1]

@="Avg Control Center Virus Database Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin]

@="Avg Control Center Virus Vault Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin\CurVer]

@="AVG.AvgCCVirusVaultPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin.1]

@="Avg Control Center Virus Vault Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager]

@="AVG Config Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager\CurVer]

@="AVG.AvgConfigManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager.7]

@="AVG Config Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl]

@="AVG Email Scanner Control Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl\CurVer]

@="AVG.AvgEmailControl.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl.7]

@="AVG Email Scanner Control Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel]

@="Avg Kernel Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel\CurVer]

@="AVG.AvgKernel.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel.7]

@="Avg Kernel Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest]

@="Avg Mail Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest\CurVer]

@="AVG.AvgMailTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest.7]

@="Avg Mail Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport]

@="Avg Report Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport\CurVer]

@="AVG.AvgReport.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport.7]

@="Avg Report Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager]

@="Avg Report Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager\CurVer]

@="AVG.AvgReportManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager.7]

@="Avg Report Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest]

@="Avg Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest\CurVer]

@="AVG.AvgTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest.7]

@="Avg Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager]

@="AVG Test Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager\CurVer]

@="AVG.AvgTestManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager.7]

@="AVG Test Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate]

@="Avg Update Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate\CurVer]

@="AVG.AvgUpdate.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate.7]

@="Avg Update Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager]

@="AVG Virus Vault Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager\CurVer]

@="AVG.AvgVirusVaultManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager.7]

@="AVG Virus Vault Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config]

@="AVG Configuration Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config\CurVer]

@="AVG.Config.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config.7]

@="AVG Configuration Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel]

@="AVG 6 Compatibility Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel\CurVer]

@="AVG.Kernel.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel.6]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel.6]

@="AVG 6 Compatibility Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang]

@="AVG Language Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang\CurVer]

@="AVG.Lang.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang.7]

@="AVG Language Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Office.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Office.7]

@="AVG for Office 2000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept]

@="AVG Pup Exception Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept\CurVer]

@="AVG.PupExcept.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept.7]

@="AVG Pup Exception Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService]

@="AvgUpdateService Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService\CurVer]

@="AVG.UpdateService.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService.7]

@="AvgUpdateService Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]

@="AVGeneralNotification Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification\CurVer]

@="AVGeneralNotification.AVGeneralNotification.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]

@="AVGeneralNotification Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}]

@="AVGeneralNotification Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\ProgID]

@="AVGeneralNotification.AVGeneralNotification.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\VersionIndependentProgID]

@="AVGeneralNotification.AVGeneralNotification"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}]

@="AVG Alert Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgamsvr.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}\ProgID]

@="AVG.AvgAmAlertManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}\VersionIndependentProgID]

@="AVG.AvgAmAlertManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}]

@="AVG Alert Manager Event Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgamsvr.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}\ProgID]

@="AVG.AvgAmEvent.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}\VersionIndependentProgID]

@="AVG.AvgAmEvent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}]

@="AVG Email Scanner Control Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgemc.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}\ProgID]

@="AVG.AvgEmailControl.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgEmailControl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFED0-8D1A-11D5-989F-0000E87B4FB1}\InprocServer32]

@="C:\PROGRA~1\Grisoft\AVG7\avgemcps.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}]

@="Avg Kernel Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgKernel.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgKernel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}]

@="AVG Test Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgTestManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgTestManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}]

@="Avg Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgscan.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgTest"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}]

@="AVG Language Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avglng.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}\ProgID]

@="AVG.Lang.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.Lang"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1076-989B-0000E87B4FB1}]

@="AVG Virus Vault Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1076-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgvault.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1076-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgVirusVaultManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1076-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgVirusVaultManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1077-989B-0000E87B4FB1}]

@="AVG Configuration Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1077-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1077-989B-0000E87B4FB1}\ProgID]

@="AVG.Config.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1077-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.Config"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1078-989B-0000E87B4FB1}]

@="Avg Report Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1078-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgrep.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1078-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgReport.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1078-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgReport"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1079-989B-0000E87B4FB1}]

@="Avg Report Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1079-989B-0000E87B4FB1}\InprocServer32]

[JoeNeedsHelpBad]

@="C:\Program Files\Grisoft\AVG7\avgrep.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1079-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgReportManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1079-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgReportManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1081-989B-0000E87B4FB1}]

@="AVG Config Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1081-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1081-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgConfigManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1081-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgConfigManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1086-989B-0000E87B4FB1}]

@="Avg Update Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1086-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgupd.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1086-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgUpdate.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1086-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgUpdate"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1100-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgupsvc.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5624-1E72-4bd9-B454-299127582DA5}]

@="Avg Control Center Scheduler Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5624-1E72-4bd9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5624-1E72-4bd9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCSchedulerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5624-1E72-4bd9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCSchedulerPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5625-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Resident Shield Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5625-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5625-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCResidentShieldPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5625-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCResidentShieldPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5626-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Virus Vault Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5626-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5626-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCVirusVaultPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5626-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCVirusVaultPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5627-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Update Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5627-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5627-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCUpdateManagerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5627-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCUpdateManagerPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5628-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Virus Database Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5628-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5628-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCVirusDatabasePlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A5628-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCVirusDatabasePlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562A-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Shell Extension Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562A-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562A-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCShellExtensionPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562A-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCShellExtensionPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562B-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Remote Communication Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562B-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562B-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCRemoteCommunicationPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562B-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCRemoteCommunicationPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562C-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Email Scanner Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562C-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562C-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCEmailScannerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562C-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCEmailScannerPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562D-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center Alert Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562D-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562D-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCAlertManagerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562D-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCAlertManagerPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562E-1E72-4BD9-B454-299127582DA5}]

@="Avg Control Center License Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562E-1E72-4BD9-B454-299127582DA5}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcckrn.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562E-1E72-4BD9-B454-299127582DA5}\ProgID]

@="AVG.AvgCCLicensePlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{491A562E-1E72-4BD9-B454-299127582DA5}\VersionIndependentProgID]

@="AVG.AvgCCLicensePlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67B30939-3B35-11d2-A595-002018648BA7}]

@="AVG 6 Compatibility Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67B30939-3B35-11d2-A595-002018648BA7}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avg6cmpt.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67B30939-3B35-11d2-A595-002018648BA7}\ProgID]

@="AVG.Kernel.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67B30939-3B35-11d2-A595-002018648BA7}\VersionIndependentProgID]

@="AVG.Kernel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8528CE0F-85B4-11D5-989F-0000E87B4FB1}]

@="Avg Mail Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8528CE0F-85B4-11D5-989F-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgmail.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8528CE0F-85B4-11D5-989F-0000E87B4FB1}\ProgID]

@="AVG.AvgMailTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8528CE0F-85B4-11D5-989F-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgMailTest"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31897-D1E6-4758-80BE-31E873AC2903}]

@="Avg Alert Manager UI Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31897-D1E6-4758-80BE-31E873AC2903}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgamui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31897-D1E6-4758-80BE-31E873AC2903}\ProgID]

@="AVG.AvgAmUIRule.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31897-D1E6-4758-80BE-31E873AC2903}\VersionIndependentProgID]

@="AVG.AvgAmUIRule"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31898-D1E6-4758-80BE-31E873AC2903}]

@="Avg Alert Manager UI Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31898-D1E6-4758-80BE-31E873AC2903}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgamui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31898-D1E6-4758-80BE-31E873AC2903}\ProgID]

@="AVG.AvgAmUIPluginValuesConfig.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EC31898-D1E6-4758-80BE-31E873AC2903}\VersionIndependentProgID]

@="AVG.AvgAmUIPluginValuesConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}]

@="AVG7 Find Extension Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgse.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA70B423-9C37-4793-9EB8-6292160324E8}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgamsps.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B64263D2-8A70-4f86-BC9A-57BE9A7B66DD}]

@="AVG for Office 2000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B64263D2-8A70-4f86-BC9A-57BE9A7B66DD}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgoff2k.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B64263D2-8A70-4f86-BC9A-57BE9A7B66DD}\ProgID]

@="AVG.Office.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B64263D2-8A70-4f86-BC9A-57BE9A7B66DD}\VersionIndependentProgID]

@="AVG.Office"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE78EA97-ED52-4F2D-9CC4-54C5EA379269}]

@="AVG Pup Exception Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE78EA97-ED52-4F2D-9CC4-54C5EA379269}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE78EA97-ED52-4F2D-9CC4-54C5EA379269}\ProgID]

@="AVG.PupExcept.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE78EA97-ED52-4F2D-9CC4-54C5EA379269}\VersionIndependentProgID]

@="AVG.PupExcept"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00ED-7309-4712-975D-627B7E497929}]

@="AVG Alert Manager Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00ED-7309-4712-975D-627B7E497929}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgamsvr.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00ED-7309-4712-975D-627B7E497929}\ProgID]

@="AVG.AvgAmRule.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00ED-7309-4712-975D-627B7E497929}\VersionIndependentProgID]

@="AVG.AvgAmRule"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00EE-7309-4712-975D-627B7E497929}]

@="AVG Alert Manager Plugin Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00EE-7309-4712-975D-627B7E497929}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgamsvr.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00EE-7309-4712-975D-627B7E497929}\ProgID]

@="AVG.AvgAmAlertManagerPluginValuesConfig.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D64A00EE-7309-4712-975D-627B7E497929}\VersionIndependentProgID]

@="AVG.AvgAmAlertManagerPluginValuesConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9C027CF-DF75-4D2C-B763-AC1CA31C4AF8}]

@="Avg Alert Manager Internal Plugin Config Gui Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9C027CF-DF75-4D2C-B763-AC1CA31C4AF8}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgamiui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9C027CF-DF75-4D2C-B763-AC1CA31C4AF8}\ProgID]

@="AVG.AvgAmInternalPluginConfigGui.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9C027CF-DF75-4D2C-B763-AC1CA31C4AF8}\VersionIndependentProgID]

@="AVG.AvgAmInternalPluginConfigGui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB81754D-CFEF-4323-BE7F-296D3FA3F162}]

@="AVG Alert Manager Internal Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB81754D-CFEF-4323-BE7F-296D3FA3F162}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB81754D-CFEF-4323-BE7F-296D3FA3F162}\ProgID]

@="AMPInt.AvgAmInternalPlugin.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB81754D-CFEF-4323-BE7F-296D3FA3F162}\VersionIndependentProgID]

@="AMPInt.AvgAmInternalPlugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}]

@="AVG 7.0 Control Center Plugin Enumerator"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A5624-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Scheduler Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A5625-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Resident Shield Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A5626-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Virus Vault Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A5627-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Update Manager Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A5628-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Virus Database Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A562A-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Shell Extension Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10B322D-D5EB-45B1-81C0-380EB462A462}\{491A562C-1E72-4BD9-B454-299127582DA5}]

@="AVG 7.0 Control Center Email Scanner Plugin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F82EDB94-BE85-42BE-9B70-EA5005AB5BAA}]

@="AvgUpdateService Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F82EDB94-BE85-42BE-9B70-EA5005AB5BAA}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgupsvc.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F82EDB94-BE85-42BE-9B70-EA5005AB5BAA}\ProgID]

@="AVG.UpdateService.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F82EDB94-BE85-42BE-9B70-EA5005AB5BAA}\VersionIndependentProgID]

@="AVG.UpdateService"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2133AA56-84E6-4df1-886D-2948783CF2B6}]

@="IAvgAmAlertManagerPluginValuesConfig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED0-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailControl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED1-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailServer"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED2-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailMonitor"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED3-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailServerPop3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED4-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailServerSmtp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED5-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailControl2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED6-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgServerMoreParams"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3C9EFED7-8D1A-11D5-989F-0000E87B4FB1}]

@="IAvgEmailControl3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41564737-3200-1100-989B-0000E87B4FB1}]

@="IAvgUpdateManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41564737-3200-1101-989B-0000E87B4FB1}]

@="IAvgCheckUpdateCallback"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41564737-3200-1105-989B-0000E87B4FB1}]

@="IAvgProcessUpdateCallback"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41564737-3200-1110-989B-0000E87B4FB1}]

@="IAvgUpdateManager2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41564737-3200-1111-989B-0000E87B4FB1}]

@="IAvgUpdateManager3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{433352F2-1BAD-4D80-A26F-5A34F4A2D2A1}]

@="IAvgAmRule3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA70B423-9C37-4793-9EB8-6292160324E8}]

@="IAvgAmRule2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC8FF1FA-0040-4318-99EA-205DD4FD25C8}]

@="IAvgAmEnumAttributes"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC8FF1FA-0040-4321-99EA-205DD4FD25C8}]

@="IAvgAmEnumBSTR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EC6BB3BB-5EE8-4046-8D20-1A6975C45141}]

@="IAvgAmEvent2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F7A533DB-676E-4cc2-9890-BD547A7CFD28}]

@="IAvgAmAlertManager2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG7 Shell Extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Grisoft\Avg7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Grisoft\Avg7\AMPlugins\AvgAmInternal]

[HKEY_LOCAL_MACHINE\SOFTWARE\Grisoft\Avg7\config]

"dfncfg"="C:\Program Files\Grisoft\AVG7\dfncfgfr.dat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Grisoft\Clients\{3C9EFEC2-8D1A-11D5-989F-0000E87B4FB1}]

@="@Avg_App_Mail"

[HKEY_LOCAL_MACHINE\SOFTWARE\Grisoft\Clients\{3C9EFEC2-8D1A-11D5-989F-0000E87B4FB1}]

"Config"="C:\PROGRA~1\Grisoft\AVG7\avgemsui.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Grisoft\Clients\{3C9EFEC2-8D1A-11D5-989F-0000E87B4FB1}]

"Log"="C:\Documents and Settings\All Users\Application Data\AVG7\Log"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

"DllName"="avgssie.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\Registration\{91120000-002F-0000-0000-0000000FF1CE}]

"Current"="TQBJAEMAUgBPAFMATwBGAFQAIABTAE8ARgBUAFcAQQBSAEUAIABMAEkAQwBFAE4AUwBFACAAVABFAFIATQBTAA0ACgAyADAAMAA3ACAATQBJAEMAUgBPAFMATwBGAFQAIABPAEYARgBJAEMARQAgAFMAWQBTAFQARQBNACAARABFAFMASwBUAE8AUAAgAEEAUABQAEwASQBDAEEAVABJAE8ATgAgAFMATwBGAFQAVwBBAFIARQANAAoAQgBlAGwAbwB3ACAAYQByAGUAIAB0AGgAcgBlAGUAIABzAGUAcABhAHIAYQB0AGUAIABzAGUAdABzACAAbwBmACAATABpAGMAZQBuAHMAZQAgAFQAZQByAG0AcwAuAKAAIABPAG4AbAB5ACAAbwBuAGUAIABzAGUAdAAgAGEAcABwAGwAaQBlAHMAIAB0AG8AIAB5AG8AdQAuAKAAIABUAG8AIABkAGUAdABlAHIAbQBpAG4AZQAgAHcAaABpAGMAaAAgAEwAaQBjAGUAbgBzAGUAIABUAGUAcgBtAHMAIABhAHAAcABsAHkAIAB0AG8AIAB5AG8AdQAgAGMAaABlAGMAawAgAHQAaABlACAAbABpAGMAZQBuAHMAZQAgAGQAZQBzAGkAZwBuAGEAdABpAG8AbgAgAHAAcgBpAG4AdABlAGQAIABlAGkAdABoAGUAcgAgAG8AbgAgAHkAbwB1AHIAIABwAHIAbwBkAHUAYwB0ACAAawBlAHkALAAgAG4AZQBhAHIAIAB0AGgAZQAgAHAAcgBvAGQAdQBjAHQAIABuAGEAbQBlACAAbwBuACAAeQBvAHUAcgAgAEMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAG8AZgAgAEEAdQB0AGgAZQBuAHQAaQBjAGkAdAB5

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG7Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGW.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGW.EXE]

@="C:\PROGRA~1\Grisoft\AVG7\avgw.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FindExtensions\Static\Avg7Find]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FindExtensions\Static\Avg7Find\0\DefaultIcon]

@="C:\Program Files\Grisoft\AVG7\avgse.dll,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42C2662EE13B94340A4823BE678E7B06\Features]

"BufferChm"="gu1}a'%%o9hE)^G_acXpx3!zWPhrq8&D@uZ`TPfRlK]77X%1L@6PgxvA+&!bx}Q(Q9Ji?9Su565J~M7@ok&R=StA6?)pL]VgbS1DI{yG?{?Bz?KvOvgwR^71Tm`57-{,d==LyKNnPe&woAx7]$V{DAr.FOVtqD+4?6m~^23BR=Cs_@'-P^VKPr~CF*p!)A`v[Z=?V88`dlrcialYK9(m^PihfvcI4K'yukD}29QsE=)[RC'Es-y[TC)Yk@+=8++u&f&?A)h(jdoE[=uF5J)Sps6r${)vXRh@(A'R$e?vlk4uVYSrBhg[m9h8F)%&4RPi}I-6Fx%AQ?j9B?vA4)F`CMeM(@Ym59b*6b,xoj!nEVGXTV@qd@@TLaps(-*L3RoYe?O(8?&xpmZ6n4'XsOe{Asn~59D)yx$m=3Rj]X5ypsD_g?GMtt`1SuX2K0X-`=oSz@V}~9$9=m$P3U7T]d){`8T(Z_^d1%5=g6!!VpXH!@sY~t1RU}Ly{tVww7T~R@=j3rj]jTSt$GmPwq=hT9EgI&*8q*ANxW~aj8TVZ@xt$M`qg{PQ$s,C3xF+G?~M^[!~VP0,(T]!-IG(QA0xsfl!&n~ZV@Hr=?A1~=t_Ong[a6=4(!{be_idi?~zLD%[4{hHOipHykBQVA@LBa`t%^PhLwzuG2JcE=C%0U633!D)sY)Pj-]Y=9{c(_-a2bK5p`E%1V?jPAS~)p%1)Bak^kC[ei,~WAu5(PWmm+qt)LGan5Y0x=eg)5{Gk.yKa0]5,wHah8Iv4hBI{w(,wRO~UmH)h=a}PV_IFLHT)}[Qy*`,*?mcOp2YXhLIIPIs$8qM_8B6p]n.7mAQ8fJq=v1G&@uk@89Jbn0]f7=Tg4Bh

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\55EEFB3E2E930EB49B6698EF8583221C\Features]

"SYSTEM_CHECK"="~[O3(D(x$@52%x6,kD`x[xNrqS!&u@zOi1scbYtk}Zm+mOkp{9XI3nyIGJLKRm-(BR){79!,}TT}@`}y+q}E$~=WV?B?868694@s104uyZNSb@-,3MztcrsrpQP~Ru6-~98-ylr&]poIQ}]kmW(P[9nB0-?7EArBq-XCqcsQb8^X6DuTs+qZ4=yr8[JDg98EZPd8r(F=3Lnc^P*I9=2yS$hAUn1%DPXkWX3dAAc`l85E[QD@GNZ=iaZ]U?wnV&3eKAvG^KuZDFN{.=_i)lnvuY{5Z3hk2'}fq?{)y03goG.t)sn6fHpqi=t6ZV9c&Sip$hKbsoR$!Ahw!{Mds5S-sD8^qdJ`h9+4MplvRYBhuTg1v$_FE=k$^poz&]cg$HL$'8=TA?_Mqm[q(~8o*[,fvBdHz@yo_.I1&vDHxL[.!J,k8=r}y]'M4B3VRJ9Yf]HZPAMP@OCDFerqG=w)m%H'n?UA^.p[tH_-e~`_j_4gV=k63Tlz-]IdZ423.HlYe8xnJ]kxvaBXxTbSQ=J[o9n'm]IN!KbDN[sSj8S{q=yv4PU5%~)0E-~&OY0}]A%fig$K[K)6d^lwHdtkf91y&rVKofXz%wt'kr2ML=2@khhOU&g$v467^b~1KA]_`B=XbXo6B@[iyAmVaAtqcx[a{L?C(Y{83sARJ?*2~]7B1}h-zeW[Ek^zj@^P~`.}.s4E[4MP-5!7==K(GasNyOI.1`0+?[%b{9Wtz`kX^V-_u0n[4j97v9PVZ?n~1{a(?AdqJ}2,f=I'%(c9=E%qBtY[u'_SK@)e[u1HlBQgUMpVzpl%aAPQe]0JdPiR39R!sZEf]8'J~URgyMllj}`_E=aE)@,mzaU`^P%I.w&gy

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]

"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/s

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]

"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the duration of the idle thread is active in the sample interval, and subtracting that time from interval duration. (Each processor has an idle thread tha

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7ALRT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7ALRT\0000]

"Service"="Avg7Alrt"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7ALRT\0000]

"DeviceDesc"="AVG7 Alert Manager Server"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7CORE]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7CORE\0000]

"Service"="Avg7Core"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7CORE\0000]

"DeviceDesc"="AVG7 Kernel"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7CORE\0000\Control]

"ActiveService"="Avg7Core"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7RSW]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7RSW\0000]

"Service"="Avg7RsW"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7RSW\0000]

"DeviceDesc"="AVG7 Wrap Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7RSXP]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7RSXP\0000]

"Service"="Avg7RsXP"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7RSXP\0000]

"DeviceDesc"="AVG7 Resident Driver XP"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7UPDSVC]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7UPDSVC\0000]

"Service"="Avg7UpdSvc"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG7UPDSVC\0000]

"DeviceDesc"="AVG7 Update Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGCLEAN]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGCLEAN\0000]

"Service"="AvgClean"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGCLEAN\0000]

"DeviceDesc"="AVG7 Clean Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGCLEAN\0000\Control]

"ActiveService"="AvgClean"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGEMS]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGEMS\0000]

"Service"="AVGEMS"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGEMS\0000]

"DeviceDesc"="AVG E-mail Scanner"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO\0000]

"Service"="avgio"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO\0000]

"DeviceDesc"="avgio"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT\0000]

"Service"="avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT\0000]

"DeviceDesc"="avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDI\0000]

"Service"="AvgTdi"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDI\0000]

"DeviceDesc"="AVG Network Redirector"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Alrt]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Alrt]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Alrt]

"DisplayName"="AVG7 Alert Manager Server"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Alrt\Enum]

"0"="Root\LEGACY_AVG7ALRT\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core]

"ImagePath"="\SystemRoot\System32\Drivers\avg7core.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core]

"DisplayName"="AVG7 Kernel"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core\Parameters]

"AvgDir"="C:\PROGRA~1\Grisoft\AVG7\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core\Parameters]

"TempDir"="C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft\Avg7Data\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7Core\Enum]

"0"="Root\LEGACY_AVG7CORE\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsW]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsW]

"ImagePath"="\SystemRoot\System32\Drivers\avg7rsw.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsW]

"DisplayName"="AVG7 Wrap Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsW]

"Group"="AVG"

[JoeNeedsHelpBad]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsW\Enum]

"0"="Root\LEGACY_AVG7RSW\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsXP]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsXP]

"ImagePath"="\SystemRoot\System32\Drivers\avg7rsxp.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsXP]

"DisplayName"="AVG7 Resident Driver XP"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsXP]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7RsXP\Enum]

"0"="Root\LEGACY_AVG7RSXP\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7UpdSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7UpdSvc]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7UpdSvc]

"DisplayName"="AVG7 Update Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avg7UpdSvc\Enum]

"0"="Root\LEGACY_AVG7UPDSVC\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgClean]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgClean]

"ImagePath"="\SystemRoot\System32\Drivers\avgclean.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgClean]

"DisplayName"="AVG7 Clean Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgClean\Enum]

"0"="Root\LEGACY_AVGCLEAN\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AVGEMS]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AVGEMS]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgemc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AVGEMS]

"DisplayName"="AVG E-mail Scanner"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AVGEMS\Enum]

"0"="Root\LEGACY_AVGEMS\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgTdi]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgTdi]

"ImagePath"="\SystemRoot\System32\Drivers\avgtdi.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgTdi]

"DisplayName"="AVG Network Redirector"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AvgTdi\Enum]

"0"="Root\LEGACY_AVGTDI\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application]

"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter sprtsvc_dellsupportcenter SpoolerCtrs Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 NDP1.1sp1-KB2572067-X86 NDP1.1sp1-KB2416447-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft.Transactions.Bridge 3.0.0.0 Microsoft Office 12 Microsoft H.323 Telephony Service Provider Microsoft Fax Microsoft ® Visual C# 2005 Compiler McLogE

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\AVG7]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\AVG7]

"EventMessageFile"="C:\Program Files\Grisoft\AVG7\avglog.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\AVG7]

"CategoryMessageFile"="C:\Program Files\Grisoft\AVG7\avglog.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avg7Alrt]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avg7Alrt]

"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avg7Alrt]

"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avg7UpdSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avg7UpdSvc]

"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgupsvc.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7ALRT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7ALRT\0000]

"Service"="Avg7Alrt"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7ALRT\0000]

"DeviceDesc"="AVG7 Alert Manager Server"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7CORE]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSW]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSW\0000]

"Service"="Avg7RsW"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSW\0000]

"DeviceDesc"="AVG7 Wrap Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSXP]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7UPDSVC]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7UPDSVC\0000]

"Service"="Avg7UpdSvc"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7UPDSVC\0000]

"DeviceDesc"="AVG7 Update Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGCLEAN]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGEMS]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGEMS\0000]

"Service"="AVGEMS"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGEMS\0000]

"DeviceDesc"="AVG E-mail Scanner"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIO]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIO\0000]

"Service"="avgio"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIO\0000]

"DeviceDesc"="avgio"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGNTFLT]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGNTFLT\0000]

"Service"="avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGNTFLT\0000]

"DeviceDesc"="avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Alrt]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Alrt]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Alrt]

"DisplayName"="AVG7 Alert Manager Server"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Core]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Core]

"ImagePath"="\SystemRoot\System32\Drivers\avg7core.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Core]

"DisplayName"="AVG7 Kernel"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Core]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Core\Parameters]

"AvgDir"="C:\PROGRA~1\Grisoft\AVG7\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7Core\Parameters]

"TempDir"="C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft\Avg7Data\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsW]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsW]

"ImagePath"="\SystemRoot\System32\Drivers\avg7rsw.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsW]

"DisplayName"="AVG7 Wrap Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsW]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsXP]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsXP]

"ImagePath"="\SystemRoot\System32\Drivers\avg7rsxp.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsXP]

"DisplayName"="AVG7 Resident Driver XP"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7RsXP]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7UpdSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7UpdSvc]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Avg7UpdSvc]

"DisplayName"="AVG7 Update Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvgClean]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvgClean]

"ImagePath"="\SystemRoot\System32\Drivers\avgclean.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvgClean]

"DisplayName"="AVG7 Clean Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVGEMS]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVGEMS]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgemc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVGEMS]

"DisplayName"="AVG E-mail Scanner"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvgTdi]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvgTdi]

"ImagePath"="\SystemRoot\System32\Drivers\avgtdi.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AvgTdi]

"DisplayName"="AVG Network Redirector"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application]

"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter sprtsvc_dellsupportcenter SpoolerCtrs Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 NDP1.1sp1-KB2572067-X86 NDP1.1sp1-KB2416447-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft.Transactions.Bridge 3.0.0.0 Microsoft Office 12 Microsoft H.323 Telephony Service Provider Microsoft Fax Microsoft ® Visual C# 2005 Compiler McLogE

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVG7]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVG7]

"EventMessageFile"="C:\Program Files\Grisoft\AVG7\avglog.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVG7]

"CategoryMessageFile"="C:\Program Files\Grisoft\AVG7\avglog.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Avg7Alrt]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Avg7Alrt]

"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Avg7Alrt]

"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Avg7UpdSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Avg7UpdSvc]

"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgupsvc.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7ALRT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7ALRT\0000]

"Service"="Avg7Alrt"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7ALRT\0000]

"DeviceDesc"="AVG7 Alert Manager Server"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7CORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7CORE\0000]

"Service"="Avg7Core"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7CORE\0000]

"DeviceDesc"="AVG7 Kernel"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7CORE\0000\Control]

"ActiveService"="Avg7Core"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSW]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSW\0000]

"Service"="Avg7RsW"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSW\0000]

"DeviceDesc"="AVG7 Wrap Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSXP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSXP\0000]

"Service"="Avg7RsXP"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSXP\0000]

"DeviceDesc"="AVG7 Resident Driver XP"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7UPDSVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7UPDSVC\0000]

"Service"="Avg7UpdSvc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7UPDSVC\0000]

"DeviceDesc"="AVG7 Update Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGCLEAN]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGCLEAN\0000]

"Service"="AvgClean"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGCLEAN\0000]

"DeviceDesc"="AVG7 Clean Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGCLEAN\0000\Control]

"ActiveService"="AvgClean"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGEMS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGEMS\0000]

"Service"="AVGEMS"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGEMS\0000]

"DeviceDesc"="AVG E-mail Scanner"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO\0000]

"Service"="avgio"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO\0000]

"DeviceDesc"="avgio"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT\0000]

"Service"="avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT\0000]

"DeviceDesc"="avgntflt"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDI\0000]

"Service"="AvgTdi"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDI\0000]

"DeviceDesc"="AVG Network Redirector"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Alrt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Alrt]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Alrt]

"DisplayName"="AVG7 Alert Manager Server"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Alrt\Enum]

"0"="Root\LEGACY_AVG7ALRT\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core]

"ImagePath"="\SystemRoot\System32\Drivers\avg7core.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core]

"DisplayName"="AVG7 Kernel"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core\Parameters]

"AvgDir"="C:\PROGRA~1\Grisoft\AVG7\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core\Parameters]

"TempDir"="C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft\Avg7Data\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7Core\Enum]

"0"="Root\LEGACY_AVG7CORE\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsW]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsW]

"ImagePath"="\SystemRoot\System32\Drivers\avg7rsw.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsW]

"DisplayName"="AVG7 Wrap Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsW]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsW\Enum]

"0"="Root\LEGACY_AVG7RSW\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsXP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsXP]

"ImagePath"="\SystemRoot\System32\Drivers\avg7rsxp.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsXP]

"DisplayName"="AVG7 Resident Driver XP"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsXP]

"Group"="AVG"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7RsXP\Enum]

"0"="Root\LEGACY_AVG7RSXP\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7UpdSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7UpdSvc]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7UpdSvc]

"DisplayName"="AVG7 Update Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avg7UpdSvc\Enum]

"0"="Root\LEGACY_AVG7UPDSVC\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean]

"ImagePath"="\SystemRoot\System32\Drivers\avgclean.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean]

"DisplayName"="AVG7 Clean Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean\Enum]

"0"="Root\LEGACY_AVGCLEAN\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGEMS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGEMS]

"ImagePath"="C:\PROGRA~1\Grisoft\AVG7\avgemc.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGEMS]

"DisplayName"="AVG E-mail Scanner"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGEMS\Enum]

"0"="Root\LEGACY_AVGEMS\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgTdi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgTdi]

"ImagePath"="\SystemRoot\System32\Drivers\avgtdi.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgTdi]

"DisplayName"="AVG Network Redirector"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgTdi\Enum]

"0"="Root\LEGACY_AVGTDI\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application]

"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter sprtsvc_dellsupportcenter SpoolerCtrs Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Offline Files Oakley ntbackup NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 NDP1.1sp1-KB2572067-X86 NDP1.1sp1-KB2416447-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft.Transactions.Bridge 3.0.0.0 Microsoft Office 12 Microsoft H.323 Telephony Service Provider Microsoft Fax Microsoft ® Visual C# 2005 Compiler Mc

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVG7]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVG7]

"EventMessageFile"="C:\Program Files\Grisoft\AVG7\avglog.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVG7]

"CategoryMessageFile"="C:\Program Files\Grisoft\AVG7\avglog.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg7Alrt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg7Alrt]

"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg7Alrt]

"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgamint.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg7UpdSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg7UpdSvc]

"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avgupsvc.dll"

[HKEY_USERS\.DEFAULT\Software\Grisoft\Avg7]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE"

[HKEY_USERS\S-1-5-19\Software\Grisoft\Avg7]

[HKEY_USERS\S-1-5-20\Software\Grisoft\Avg7]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Adobe\Acrobat Reader\7.0\AVGeneral]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\AvgAPI]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\AvgCC]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\AvgFree]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\AvgInet]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\AvgUpgrader]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\AvgVV]

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Grisoft\Avg7\Config\upg]

"cfg.SetupFile"="C:\Documents and Settings\Joseph Andrew Fox\My Documents\Downloads\avg75487.exe"

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"a"="C:\Documents and Settings\Joseph Andrew Fox\My Documents\Downloads\avg75487.exe"

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"d"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\7.5_519a_avg75free_519a1276.exe"

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"h"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\avg_remover_stf_x86_2012_1796.exe"

[HKEY_USERS\S-1-5-21-2051622172-96914403-4112823165-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]

[HKEY_USERS\S-1-5-18\Software\Grisoft\Avg7]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE"

========== filefind ==========

Searching for "AVG"

No files found.

========== folderfind ==========

Searching for "AVG"

No folders found.

-= EOF =-

[screen317]

Hi,

My apologies for the delay.

As I create a manual fix, run this:

http://www.avg.com/filedir/util/support/delavg7_en.exe

Reboot, and run the SystemLookup script again.

[JoeNeedsHelpBad]

Here's the System Look:

SystemLook 30.07.11 by jpshortstuff

Log created at 14:32 on 30/11/2011 by Joseph Andrew Fox

Administrator - Elevation successful

========== regfind ==========

Searching for "AVG"

[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\AVGeneral]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgAPI]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgCC]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgFree]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgInet]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgUpgrader]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\AvgVV]

[HKEY_CURRENT_USER\Software\Grisoft\Avg7\Config\upg]

"cfg.SetupFile"="C:\Documents and Settings\Joseph Andrew Fox\My Documents\Downloads\avg75487.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]

"b"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\delavg7_en.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"a"="C:\Documents and Settings\Joseph Andrew Fox\My Documents\Downloads\avg75487.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"d"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\7.5_519a_avg75free_519a1276.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"h"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\avg_remover_stf_x86_2012_1796.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe]

"j"="C:\Documents and Settings\Joseph Andrew Fox\Desktop\delavg7_en.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]

"C:\Documents and Settings\Joseph Andrew Fox\Desktop\delavg7_en.exe"="delavg7_en"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]

"C:\AVGTemp\delavg7_en\info.bat"="info"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]

"C:\Documents and Settings\Joseph Andrew Fox\Desktop\avg_remover_stf_x86_2012_1796.exe"="AVG Remover Utility"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG7 Shell Extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin]

@="AVG Alert Manager Internal Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin\CurVer]

@="AMPInt.AvgAmInternalPlugin.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AMPInt.AvgAmInternalPlugin.7]

@="AVG Alert Manager Internal Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgamsvr.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgemc.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgupsvc.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\avgvault.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3C9EFEA1-8D1A-11D5-989F-0000E87B4FB1}]

@="avgemc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3C9EFEA1-8D1A-11D5-989F-0000E87B4FB1}]

"LocalService"="AVGEMS"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{41564737-3200-1076-989B-0000E87B4FB1}]

@="avgvault"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{833EE712-3BB4-4DFB-8ACE-4686829895B7}]

@="avgupsvc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{833EE712-3BB4-4DFB-8ACE-4686829895B7}]

"LocalService"="Avg7UpdSvc"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A434D6BB-090E-4DF6-8B03-AA04A6F58804}]

@="avgamsvr"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A434D6BB-090E-4DF6-8B03-AA04A6F58804}]

"LocalService"="Avg7Alrt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager]

@="AVG Alert Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager\CurVer]

@="AVG.AvgAmAlertManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManager.7]

@="AVG Alert Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig]

@="AVG Alert Manager Plugin Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig\CurVer]

@="AVG.AvgAmAlertManagerPluginValuesConfig.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmAlertManagerPluginValuesConfig.7]

@="AVG Alert Manager Plugin Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent]

@="AVG Alert Manager Event Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent\CurVer]

@="AVG.AvgAmEvent.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmEvent.7]

@="AVG Alert Manager Event Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui]

@="Avg Alert Manager Internal Plugin Config Gui Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui\CurVer]

@="AVG.AvgAmInternalPluginConfigGui.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmInternalPluginConfigGui.7]

@="Avg Alert Manager Internal Plugin Config Gui Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule]

@="AVG Alert Manager Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule\CurVer]

@="AVG.AvgAmRule.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmRule.7]

@="AVG Alert Manager Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig]

@="Avg Alert Manager UI Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig\CurVer]

@="AVG.AvgAmUIPluginValuesConfig.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIPluginValuesConfig.7]

@="Avg Alert Manager UI Values Config Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule]

@="Avg Alert Manager UI Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule\CurVer]

@="AVG.AvgAmUIRule.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgAmUIRule.7]

@="Avg Alert Manager UI Rule Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin]

@="Avg Control Center Alert Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin\CurVer]

@="AVG.AvgCCAlertManagerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCAlertManagerPlugin.1]

@="Avg Control Center Alert Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin]

@="Avg Control Center Email Scanner Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin\CurVer]

@="AVG.AvgCCEmailScannerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCEmailScannerPlugin.1]

@="Avg Control Center Email Scanner Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin]

@="Avg Control Center License Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin\CurVer]

@="AVG.AvgCCLicensePlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCLicensePlugin.1]

@="Avg Control Center License Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin]

@="Avg Control Center Remote Communication Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin\CurVer]

@="AVG.AvgCCRemoteCommunicationPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCRemoteCommunicationPlugin.1]

@="Avg Control Center Remote Communication Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin]

@="Avg Control Center Resident Shield Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin\CurVer]

@="AVG.AvgCCResidentShieldPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCResidentShieldPlugin.1]

@="Avg Control Center Resident Shield Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin]

@="Avg Control Center Scheduler Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin\CurVer]

@="AVG.AvgCCSchedulerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCSchedulerPlugin.1]

@="Avg Control Center Scheduler Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin]

@="Avg Control Center Shell Extension Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin\CurVer]

@="AVG.AvgCCShellExtensionPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCShellExtensionPlugin.1]

@="Avg Control Center Shell Extension Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin]

@="Avg Control Center Update Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin\CurVer]

@="AVG.AvgCCUpdateManagerPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCUpdateManagerPlugin.1]

@="Avg Control Center Update Manager Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin]

@="Avg Control Center Virus Database Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin\CurVer]

@="AVG.AvgCCVirusDatabasePlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusDatabasePlugin.1]

@="Avg Control Center Virus Database Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin]

@="Avg Control Center Virus Vault Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin\CurVer]

@="AVG.AvgCCVirusVaultPlugin.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgCCVirusVaultPlugin.1]

@="Avg Control Center Virus Vault Plugin Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager]

@="AVG Config Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager\CurVer]

@="AVG.AvgConfigManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgConfigManager.7]

@="AVG Config Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl]

@="AVG Email Scanner Control Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl\CurVer]

@="AVG.AvgEmailControl.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgEmailControl.7]

@="AVG Email Scanner Control Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel]

@="Avg Kernel Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel\CurVer]

@="AVG.AvgKernel.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgKernel.7]

@="Avg Kernel Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest]

@="Avg Mail Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest\CurVer]

@="AVG.AvgMailTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgMailTest.7]

@="Avg Mail Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport]

@="Avg Report Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport\CurVer]

@="AVG.AvgReport.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReport.7]

@="Avg Report Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager]

@="Avg Report Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager\CurVer]

@="AVG.AvgReportManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgReportManager.7]

@="Avg Report Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest]

@="Avg Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest\CurVer]

@="AVG.AvgTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTest.7]

@="Avg Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager]

@="AVG Test Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager\CurVer]

@="AVG.AvgTestManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgTestManager.7]

@="AVG Test Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate]

@="Avg Update Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate\CurVer]

@="AVG.AvgUpdate.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgUpdate.7]

@="Avg Update Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager]

@="AVG Virus Vault Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager\CurVer]

@="AVG.AvgVirusVaultManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.AvgVirusVaultManager.7]

@="AVG Virus Vault Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config]

@="AVG Configuration Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config\CurVer]

@="AVG.Config.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Config.7]

@="AVG Configuration Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel]

@="AVG 6 Compatibility Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel\CurVer]

@="AVG.Kernel.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel.6]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Kernel.6]

@="AVG 6 Compatibility Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang]

@="AVG Language Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang\CurVer]

@="AVG.Lang.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Lang.7]

@="AVG Language Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Office.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.Office.7]

@="AVG for Office 2000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept]

@="AVG Pup Exception Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept\CurVer]

@="AVG.PupExcept.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.PupExcept.7]

@="AVG Pup Exception Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService]

@="AvgUpdateService Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService\CurVer]

@="AVG.UpdateService.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService.7]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVG.UpdateService.7]

@="AvgUpdateService Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]

@="AVGeneralNotification Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification\CurVer]

@="AVGeneralNotification.AVGeneralNotification.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]

@="AVGeneralNotification Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}]

@="AVGeneralNotification Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\ProgID]

@="AVGeneralNotification.AVGeneralNotification.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\VersionIndependentProgID]

@="AVGeneralNotification.AVGeneralNotification"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}]

@="AVG Alert Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgamsvr.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}\ProgID]

@="AVG.AvgAmAlertManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3486DF65-1D90-406A-A072-30629910F113}\VersionIndependentProgID]

@="AVG.AvgAmAlertManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}]

@="AVG Alert Manager Event Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgamsvr.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}\ProgID]

@="AVG.AvgAmEvent.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CD637D-51EE-4851-949D-F76C7B79467E}\VersionIndependentProgID]

@="AVG.AvgAmEvent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}]

@="AVG Email Scanner Control Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}\LocalServer32]

@=""C:\Program Files\Grisoft\AVG7\avgemc.exe""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}\ProgID]

@="AVG.AvgEmailControl.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgEmailControl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C9EFED0-8D1A-11D5-989F-0000E87B4FB1}\InprocServer32]

@="C:\PROGRA~1\Grisoft\AVG7\avgemcps.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}]

@="Avg Kernel Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgKernel.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1071-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgKernel"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}]

@="AVG Test Manager Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgcfg.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgTestManager.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1072-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgTestManager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}]

@="Avg Test Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avgscan.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}\ProgID]

@="AVG.AvgTest.7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1073-989B-0000E87B4FB1}\VersionIndependentProgID]

@="AVG.AvgTest"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}]

@="AVG Language Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}\InprocServer32]

@="C:\Program Files\Grisoft\AVG7\avglng.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564737-3200-1074-989B-0000E87B4FB1}\ProgID]

@="AVG.Lang.7"