I un-installed the AVG.Free 9.0.
Here the log that poped up.
Thank you for the advise and the avast uninstall tool.
I will try that now.
ComboFix 11-04-03.01 - Owner 03/04/2011 21:55:56.1.4 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.4085.2841 [GMT -4:00]
Running from: c:\users\Owner\Pictures\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\jusched.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WMPNetworkSvc
.
.
((((((((((((((((((((((((( Files Created from 2011-03-04 to 2011-04-04 )))))))))))))))))))))))))))))))
.
.
2011-04-04 02:02 . 2011-04-04 02:04 -------- d-----w- c:\users\Owner\AppData\Local\temp
2011-04-04 02:02 . 2011-04-04 02:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-03 23:07 . 2011-04-03 23:07 -------- d-----w- C:\_OTL
2011-03-28 20:30 . 2011-03-28 20:30 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2011-03-28 20:29 . 2011-03-29 16:15 -------- d-----w- c:\program files (x86)\McAfee
2011-03-27 16:25 . 2011-03-27 16:25 -------- d-----w- c:\users\Owner\AppData\Local\{CBBA9F6A-5EBB-4741-821E-D82E75EEC89E}
2011-03-26 13:16 . 2011-03-26 13:16 -------- d-----w- c:\users\Owner\AppData\Local\{4470D77A-E11F-45A6-A9E0-729F4C4E9CE9}
2011-03-25 20:10 . 2011-03-25 20:10 -------- d-----w- c:\users\Owner\AppData\Local\{A9E1FAD2-22DD-48B0-8E29-55EF316C4171}
2011-03-24 23:36 . 2011-03-24 23:36 -------- d-----w- c:\program files (x86)\Microsoft
2011-03-24 11:05 . 2011-03-24 11:06 -------- d-----w- c:\users\Owner\AppData\Local\{DF441B98-1BF7-4E6D-B31A-2D764105DE28}
2011-03-23 23:05 . 2011-03-23 23:05 -------- d-----w- c:\users\Owner\AppData\Local\{47D884B2-F3B4-47E7-9BED-FC7BF6AED343}
2011-03-23 10:49 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 10:49 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 10:49 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 10:49 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 10:49 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-23 10:42 . 2011-03-23 10:43 -------- d-----w- c:\users\Owner\AppData\Local\{E572A2F1-6DA3-4321-A0FE-1E12F4D8D404}
2011-03-22 11:45 . 2011-03-22 11:45 -------- d-----w- c:\users\Owner\AppData\Local\{1621B3CC-19D5-4933-A98E-CC9DAC557333}
2011-03-21 07:07 . 2011-03-21 07:07 -------- d-----w- c:\users\Owner\AppData\Local\{A6C7E9B1-8BAF-4F9F-AA7F-91D0E4CA6358}
2011-03-20 17:38 . 2011-03-20 17:39 -------- d-----w- c:\users\Owner\AppData\Local\{98A71E93-2707-4C25-AC5C-108B8094C478}
2011-03-19 19:21 . 2011-03-19 19:21 -------- d-----w- c:\users\Owner\AppData\Local\{7F7537D7-FB8E-47EB-8320-2A466ED1CA2A}
2011-03-19 16:37 . 2011-03-21 17:36 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2011-03-19 15:12 . 2011-03-19 15:12 605960 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-17 11:22 . 2011-03-17 11:22 -------- d-----w- c:\users\Owner\AppData\Local\{8E111FB5-56A1-4F21-9911-CC369D808F46}
2011-03-17 07:01 . 2009-10-09 21:56 2048 ----a-w- c:\windows\SysWow64\winrsmgr.dll
2011-03-17 07:01 . 2009-10-09 21:35 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-03-17 07:01 . 2009-10-09 21:35 13312 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-03-17 07:01 . 2009-10-09 21:34 13312 ----a-w- c:\windows\system32\winrssrv.dll
2011-03-17 04:26 . 2011-03-17 04:26 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
2011-03-17 04:25 . 2011-03-17 04:25 -------- d-----w- c:\programdata\Apple Computer
2011-03-17 04:25 . 2011-03-17 04:25 -------- d-----w- c:\users\Owner\AppData\Local\Apple
2011-03-17 04:25 . 2011-03-17 04:25 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-03-17 04:24 . 2011-03-17 04:24 -------- d-----w- c:\program files\Common Files\Apple
2011-03-17 04:24 . 2011-03-17 04:24 -------- d-----w- c:\program files\Bonjour
2011-03-17 04:24 . 2011-03-17 04:24 -------- d-----w- c:\program files (x86)\Bonjour
2011-03-17 04:23 . 2011-03-17 04:24 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-03-17 04:23 . 2011-03-17 04:23 -------- d-----w- c:\programdata\Apple
2011-03-17 04:16 . 2010-12-17 17:34 2425344 ----a-w- c:\windows\system32\mstscax.dll
2011-03-17 04:16 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-17 04:16 . 2010-12-17 15:41 731136 ----a-w- c:\windows\system32\mstsc.exe
2011-03-17 04:16 . 2010-12-17 13:54 677888 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-03-17 04:16 . 2010-12-29 19:01 416768 ----a-w- c:\windows\system32\sbe.dll
2011-03-17 04:16 . 2010-12-29 19:01 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-03-17 04:16 . 2010-12-29 18:59 226816 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-17 04:16 . 2010-12-29 18:28 322560 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-17 04:16 . 2010-12-29 18:28 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-17 04:16 . 2010-12-29 18:26 177664 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-17 04:16 . 2010-12-29 19:01 210944 ----a-w- c:\windows\system32\sbeio.dll
2011-03-17 04:16 . 2010-12-29 18:28 153088 ----a-w- c:\windows\SysWow64\sbeio.dll
2011-03-17 04:15 . 2011-03-17 04:15 -------- d--h--w- c:\programdata\Common Files
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 04:06 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-01-20 16:46 . 2011-02-14 19:13 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-14 19:13 366592 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-14 19:13 625152 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-14 19:13 287232 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-14 19:13 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-14 19:13 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-14 19:13 1268224 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-14 19:13 748544 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-14 19:13 47104 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-14 19:13 3548672 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-14 19:13 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-14 19:13 278528 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-14 19:13 195072 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-14 19:13 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-14 19:13 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-14 19:13 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-14 19:13 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-14 19:13 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-14 19:13 258048 ----a-w- c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-14 19:13 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-14 19:13 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-14 19:13 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-14 19:13 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-14 19:13 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-14 19:13 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-14 19:13 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-14 19:13 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-14 19:13 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-14 19:13 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-14 19:13 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-14 19:13 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-14 19:13 34304 ----a-w- c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-14 19:13 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-14 19:13 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-14 19:13 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-14 19:13 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-14 19:13 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-14 19:13 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-14 19:13 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-14 19:13 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-14 19:13 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-14 19:13 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-14 19:13 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-14 19:13 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-14 19:13 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-14 19:13 834048 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-14 19:13 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-13 10:20 . 2011-01-28 07:11 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F58F427-5672-44B3-87E9-477EA0C28659}\mpengine.dll
2011-01-13 08:47 . 2011-01-24 00:26 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-08 09:03 . 2011-02-14 19:12 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 08:47 . 2011-02-14 19:12 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-08 06:45 . 2011-02-14 19:12 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-01-08 06:28 . 2011-02-14 19:12 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-06 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"AdobeUpdater"="c:\program files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-06 135664]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 netr7364;Linksys Compact Wireless-G USB Adapter Driver for Vista;c:\windows\system32\DRIVERS\WUSB54GCx64.sys
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-06-23 109168]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-30 135336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2011-02-16 101048]
S3 LVUVC64;Logitech Webcam 500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\DRIVERS\WUSB54GCv3.sys
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-06 10:38]
.
2011-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-06 10:38]
.
2011-04-03 c:\windows\Tasks\User_Feed_Synchronization-{79662777-9144-4FDC-9878-A688B6B1948B}.job
- c:\windows\system32\msfeedssync.exe [2011-02-14 04:47]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"combofix"="c:\combofix\CF13003.cfxxe" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://ca.search.yahoo.com/search?fr=mcafee&p=%s
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\769657z5.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b8497d4&v=6.103.018.001&i=23&tp=ab&iy=&ychte=ca&lng=en-GB&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files (x86)\McAfee\SiteAdvisor
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-WindowsLiveDeviceIntegrator - c:\program files (x86)\Windows Live\Device Integrator\wldi.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - (no file)
AddRemove-sp44626 - c:\hp\Softpaq\sp44626\sp44626.exe
AddRemove-WindowsLiveDeviceIntegrator - c:\program files (x86)\Windows Live\Device Integrator\InstallDI.exe
AddRemove-WinLiveSuite - c:\program files (x86)\Windows Live\Installer\wlarp.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\ACR0065\4&98671ce&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\ACR0065\4&98671ce&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\4&98671ce&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\4&98671ce&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A8\4&98671ce&0&UID16843008\Device Parameters\MODES]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A8\4&98671ce&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A8\4&98671ce&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-04-03 22:09:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-04 02:09
.
Pre-Run: 376,976,920,576 bytes free
Post-Run: 376,517,332,992 bytes free
.
- - End Of File - - 0F2952DAFA973D05741C739009A56F27
Home
Help
Chat
Connect
Posts
Login
Register
Author